Lucene search
K

4 matches found

0day.today
0day.today
added 2023/08/24 12:0 a.m.419 views

SugarCRM 12.2.0 Bean Manipulation Vulnerability

------------------------------------------------------------------------ SugarCRM = 12.2.0 updateGeocodeStatus Bean Manipulation Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and...

8.8CVSS7.1AI score0.01256EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/08/23 12:0 a.m.510 views

SugarCRM 12.2.0 Bean Manipulation

------------------------------------------------------------------------ SugarCRM = 12.2.0 updateGeocodeStatus Bean Manipulation Vulnerability ------------------------------------------------------------------------ - Software Link: https://www.sugarcrm.com - Affected Versions: Version 12.2.0 and...

8.8CVSS7.1AI score0.01256EPSS
Exploits2
CVE
CVE
added 2023/06/17 12:0 a.m.46 views

CVE-2023-35809

CVE-2023-35809 — SugarCRM Bean Manipulation via REST API is documented to affect SugarCRM Enterprise versions prior to 11.0.6 and 12.x prior to 12.0.3. The root cause is missing input validation in the REST API, enabling a crafted request to inject and execute custom PHP code with regular user pr...

8.8CVSS8.6AI score0.01256EPSS
Exploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/17 12:0 a.m.10 views

CVE-2023-35809

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Bean Manipulation vulnerability has been identified in the REST API. By using a crafted request, custom PHP code can be injected through the REST API because of missing input validation. Regular user privileges...

7AI score0.01256EPSS
Exploits2References3
Rows per page
Query Builder