CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

950 matches found

OSV•added 2019/10/07 4:15 p.m.•0 views

CVE-2019-17300

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user...

8.8CVSS7.4AI score

Exploits0References1

NVD•added 2019/10/07 4:15 p.m.•8 views

CVE-2019-17310

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user...

7.2CVSS7.3AI score0.00473EPSS

Exploits0References1

NVD•added 2019/10/07 4:15 p.m.•8 views

CVE-2019-17307

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Tracker module by an Admin user...

7.2CVSS7.3AI score0.00418EPSS

Exploits0References1

NVD•added 2019/10/07 4:15 p.m.•7 views

CVE-2019-17309

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the EmailMan module by an Admin user...

7.2CVSS7.3AI score0.00473EPSS

Exploits0References1

OSV•added 2019/10/07 4:15 p.m.•0 views

CVE-2019-17304

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...

7.2CVSS5.8AI score

Exploits0References1

OSV•added 2019/10/07 4:15 p.m.•1 views

CVE-2019-17303

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...

8.8CVSS7.4AI score

Exploits0References1

NVD•added 2019/10/07 4:15 p.m.•6 views

CVE-2019-17299

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user...

7.2CVSS7.3AI score0.00473EPSS

Exploits0References1

OSV•added 2019/10/07 4:15 p.m.•1 views

CVE-2019-17299

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user...

7.2CVSS7.2AI score0.00473EPSS

Exploits0References1

OSV•added 2019/10/07 4:15 p.m.•2 views

CVE-2019-17310

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user...

7.2CVSS7.2AI score0.00473EPSS

Exploits0References1

Prion•added 2019/10/07 4:15 p.m.•12 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user...

6.5CVSS7.2AI score0.00473EPSS

Exploits0References1Affected Software1

Prion•added 2019/10/07 4:15 p.m.•11 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user...

6.5CVSS7.2AI score0.00418EPSS

Exploits0References1Affected Software1

Prion•added 2019/10/07 4:15 p.m.•11 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...

6.5CVSS8.8AI score0.00461EPSS

Exploits0References1Affected Software1

Prion•added 2019/10/07 4:15 p.m.•9 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user...

6.5CVSS8.8AI score0.00461EPSS

Exploits0References1Affected Software1

Prion•added 2019/10/07 4:15 p.m.•13 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user...

6.5CVSS8.8AI score0.00461EPSS

Exploits0References1Affected Software1

Prion•added 2019/10/07 4:15 p.m.•9 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...

6.5CVSS7.2AI score0.00418EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/10/07 3:5 p.m.•10 views

CVE-2019-17299

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user...

7.3AI score0.00473EPSS

Exploits0References1

CVE•added 2019/10/07 3:5 p.m.•38 views

CVE-2019-17299

CVE-2019-17299 affects SugarCRM before 8.0.4 and 9.x before 9.0.2. The vulnerability is a PHP code injection in the Administration module that can be exploited by an Admin user. Several connected sources corroborate that the issue stems from insufficient input validation, enabling code injection ...

7.2CVSS7.2AI score0.00473EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/10/07 3:4 p.m.•13 views

CVE-2019-17300

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user...

8.9AI score0.00461EPSS

Exploits0References1

CVE•added 2019/10/07 3:4 p.m.•58 views

CVE-2019-17300

SugarCRM is affected by a PHP code injection vulnerability (CVE-2019-17300) in the Administration module. Affected versions are SugarCRM before 8.0.4 and 9.x before 9.0.2. The root cause described across connected sources is insufficient input validation, enabling a Developer user to inject and e...

8.8CVSS8.8AI score0.00461EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/10/07 3:4 p.m.•13 views

CVE-2019-17301

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user...

7.3AI score0.00418EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by