21 matches found
EUVD-2019-7716
Malware in sbrugna...
EUVD-2019-7718
Malware in sbrugna...
EUVD-2019-7717
Malware in sbrugna...
CVE-2019-17304
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...
CVE-2019-17303
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...
CVE-2019-17305
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...
SugarCRM PHP code injection vulnerability (CNVD-2019-34421)
SugarCRM is a set of open source customer relationship management software . A PHP code injection vulnerability exists in the MergeRecords module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to execute arbitrary code...
SugarCRM PHP code injection vulnerability (CNVD-2019-34420)
SugarCRM is a set of open source customer relationship management software . A PHP code injection vulnerability exists in the MergeRecords module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to execute arbitrary code...
CVE-2019-17303
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...
CVE-2019-17304
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...
CVE-2019-17305
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...
CVE-2019-17305
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...
Code injection
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...
Code injection
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...
Code injection
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...
CVE-2019-17303
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...
CVE-2019-17303
CVE-2019-17303 affects SugarCRM: versions before 8.0.4 and 9.x before 9.0.2 are vulnerable to PHP code injection in the MergeRecords module when executed by a Developer user. The root cause is lack of input validation, enabling arbitrary PHP execution. Impact details in the records show CVSSv3.1 ...
CVE-2019-17304
CVE-2019-17304 affects SugarCRM: PHP code injection in the MergeRecords module. Affected: SugarCRM before 8.0.4 and 9.x before 9.0.2. Root cause cited: insufficient input validation in the MergeRecords component, enabling an Admin user to inject PHP code. Impact is high for confidentiality, integ...
CVE-2019-17304
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...
CVE-2019-17305
CVE-2019-17305 affects SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2. The vulnerability is a PHP code injection in the MergeRecords module that can be exploited by a Regular user. The connected sources consistently describe this as a PHP code injection flaw arising from insufficient input valida...