4 matches found
CVE-2020-8803
SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via addtoprospectlist...
CVE-2020-8803
SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via addtoprospectlist...
CVE-2020-8803
CVE-2020-8803 affects SuiteCRM up to version 7.11.11 and describes a Local File Inclusion/Directory Traversal via add_to_prospect_list, allowing inclusion of arbitrary .php files within the webroot and potential ACL bypass. Root cause: inadequate validation of user input in add_to_prospect_list l...
SuiteCRM 7.11.11 Broken Access Control / Local File Inclusion
------------------------------------------------------------------------------ SuiteCRM = 7.11.11 addtoprospectlist Broken Access Control Vulnerability ------------------------------------------------------------------------------ - Software Link: https://suitecrm.com/ - Affected Versions: Versio...