2 matches found
CVE-2019-17310
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user...
CVE-2019-17310
CVE-2019-17310 affects SugarCRM (Campaigns module) prior to 8.0.4 and 9.x prior to 9.0.2. An Admin can inject PHP code due to input handling in Campaigns, enabling arbitrary code execution. Impact described as PHP code injection with potential for full system compromise; no exploit details provid...