3 matches found
CVE-2019-17309
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the EmailMan module by an Admin user...
CVE-2019-17309
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the EmailMan module by an Admin user...
CVE-2019-17309
CVE-2019-17309 affects SugarCRM: vulnerable in SugarCRM versions before 8.0.4 and 9.x before 9.0.2, in the EmailMan module. The underlying issue is PHP code injection via that module by an Admin user, enabling arbitrary code execution per the description. Remediation: upgrade to SugarCRM 8.0.4 or...