6 matches found
Breaking Into Your Company's Internal Network - SuiteCRM 7.11.4
As part of our efforts to make the open source web application space more secure we scanned SuiteCRM 7.11.4 with our static code analysis tool RIPS and we detected multiple critical vulnerabilities. Among them is a SQL Injection that can be exploited as a normal user CVE-2019-12598, which can be...
SuiteCRM 7.8.x < 7.8.30, 7.10.x < 7.10.17, 7.11.x < 7.11.5 Multiple SQL Injection Vulnerabilities
SuiteCRM is prone to multiple SQL injection vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-12601
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection issue 3 of 3...
CVE-2019-12601
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection issue 3 of 3...
CVE-2019-12601
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection issue 3 of 3...
CVE-2019-12601
CVE-2019-12601 affects SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5, enabling SQL injection due to user-controlled input in the application’s SQL paths. The issue is documented with high-severity CVSS scores (2.0/3.0) and is fixed by upgrading to the released patc...