4 matches found
CVE-2024-50333
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. User input is not validated and is written to the filesystem. The ParserLabel::addLabels function can be used to write attacker-controlled data into the custom language file that will be includ...
CVE-2024-50333
CVE-2024-50333 pertains to SuiteCRM where user input is not validated and is written to the filesystem. The issue arises from ParserLabel::addLabels(), which can write attacker-controlled data into a custom language file that is included at runtime. Affects SuiteCRM versions prior to 7.14.6 and 8...
CVE-2024-50333 RCE in ModuleBuilder in SuiteCRM
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. User input is not validated and is written to the filesystem. The ParserLabel::addLabels function can be used to write attacker-controlled data into the custom language file that will be includ...
PT-2024-34146
Name of the Vulnerable Software and Affected Versions: SuiteCRM versions prior to 7.14.6 SuiteCRM versions prior to 8.7.1 Description: The issue arises from the lack of validation of user input, which is then written to the filesystem. The ParserLabel::addLabels function can be exploited to write...