2 matches found
CVE-2019-17314
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the Configurator module by an Admin user...
CVE-2019-17314
SugarCRM vulnerability CVE-2019-17314 affects SugarCRM before 8.0.4 and 9.x before 9.0.2, enabling directory traversal in the Configurator module by an Admin user. Root cause cited by CNVD: lack of input validation. Some sources describe the impact as potentially allowing an attacker to inject cu...