6 matches found
EUVD-2019-20062
SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the parentTab parameter. Attackers can send GET requests to the email module with malicious parentTab values using boolean-based SQL injection...
CVE-2019-25663
SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the parentTab parameter. Attackers can send GET requests to the email module with malicious parentTab values using boolean-based SQL injection...
CVE-2019-25663 SuiteCRM 7.10.7 SQL Injection via parentTab Parameter
SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the parentTab parameter. Attackers can send GET requests to the email module with malicious parentTab values using boolean-based SQL injection...
CVE-2019-25663
SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the parentTab parameter. Attackers can send GET requests to the email module with malicious parentTab values using boolean-based SQL injection...
SuiteCRM 7.10.7 - 'parentTab' SQL Injection
Exploit Title: SuiteCRM 7.10.7 - 'parentTab' SQL Vulnerabilities Dork: N/A Date: 03-02-2019 Exploit Author: Mehmet EMIROGLU Vendor Homepage: https://suitecrm.com/ Software Link: https://suitecrm.com/download/ Version: 7.10.7 Category: Webapps Tested on: Wampp @Win CVE: N/A Software Description:...
CVE-2008-3101
Multiple cross-site scripting XSS vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the parenttab parameter in an index action to the Products module, as reachable through index.php; 2 the userpassword parameter in an Authenticate action to th...