6 matches found
CVE-2022-50590
SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of the ‘module’ parameter within the ‘deleteAttachment’ functionality. Successful exploitation allows remote unauthenticated attackers to alter database objects including changing the email address of t...
CVE-2022-50590 SuiteCRM < 7.12.6 Type Confusion via 'deleteAttachment' Functionality
SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of the ‘module’ parameter within the ‘deleteAttachment’ functionality. Successful exploitation allows remote unauthenticated attackers to alter database objects including changing the email address of t...
CVE-2022-50590 SuiteCRM < 7.12.6 Type Confusion via 'deleteAttachment' Functionality
SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of the ‘module’ parameter within the ‘deleteAttachment’ functionality. Successful exploitation allows remote unauthenticated attackers to alter database objects including changing the email address of t...
SuiteCRM 安全漏洞
SuiteCRM is a customer relationship management system from the SuiteCRM team. A security vulnerability exists in SuiteCRM versions prior to 7.12.6 that stems from a type confusion when handling the module parameter in the deleteAttachment function, which could allow an unauthenticated, remote...
PT-2025-45365
SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of the ‘module’ parameter within the ‘deleteAttachment’ functionality. Successful exploitation allows remote unauthenticated attackers to alter database objects including changing the email address of t...
CVE-2021-31855
KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a remote server e.g., an IMAP server causes KMail to upload the decrypted content of the message to the remote server. With a crafted message...