21 matches found
EUVD-2019-7716
Malware in sbrugna...
EUVD-2019-7717
Malware in sbrugna...
EUVD-2019-7718
Malware in sbrugna...
CVE-2019-17304
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...
CVE-2019-17303
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...
CVE-2019-17305
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...
SugarCRM PHP code injection vulnerability (CNVD-2019-34421)
SugarCRM is a set of open source customer relationship management software . A PHP code injection vulnerability exists in the MergeRecords module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to execute arbitrary code...
SugarCRM PHP code injection vulnerability (CNVD-2019-34420)
SugarCRM is a set of open source customer relationship management software . A PHP code injection vulnerability exists in the MergeRecords module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to execute arbitrary code...
CVE-2019-17303
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...
CVE-2019-17304
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...
CVE-2019-17305
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...
CVE-2019-17305
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...
Code injection
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...
Code injection
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...
Code injection
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...
CVE-2019-17303
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...
CVE-2019-17303
CVE-2019-17303 affects SugarCRM: versions before 8.0.4 and 9.x before 9.0.2 are vulnerable to PHP code injection in the MergeRecords module when executed by a Developer user. The root cause is lack of input validation, enabling arbitrary PHP execution. Impact details in the records show CVSSv3.1 ...
CVE-2019-17304
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...
CVE-2019-17304
CVE-2019-17304 affects SugarCRM: PHP code injection in the MergeRecords module. Affected: SugarCRM before 8.0.4 and 9.x before 9.0.2. Root cause cited: insufficient input validation in the MergeRecords component, enabling an Admin user to inject PHP code. Impact is high for confidentiality, integ...
CVE-2019-17305
CVE-2019-17305 affects SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2. The vulnerability is a PHP code injection in the MergeRecords module that can be exploited by a Regular user. The connected sources consistently describe this as a PHP code injection flaw arising from insufficient input valida...