CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2019/10/07 4:15 p.m.•25 views

CVE-2019-17299

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user...

NVD•added 2019/10/07 4:15 p.m.•15 views

CVE-2019-17303

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...

8.8CVSS8.9AI score0.01401EPSS

NVD•added 2019/10/07 4:15 p.m.•26 views

CVE-2019-17307

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Tracker module by an Admin user...

OSV•added 2019/10/07 4:15 p.m.•7 views

CVE-2019-17302

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user...

8.8CVSS7.4AI score0.01401EPSS

NVD•added 2019/10/07 4:15 p.m.•21 views

CVE-2019-17309

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the EmailMan module by an Admin user...

NVD•added 2019/10/07 4:15 p.m.•11 views

CVE-2019-17310

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user...

NVD•added 2019/10/07 4:15 p.m.•12 views

CVE-2019-17308

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user...

8.8CVSS8.9AI score0.01401EPSS

NVD•added 2019/10/07 4:15 p.m.•25 views

CVE-2019-17301

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user...

OSV•added 2019/10/07 4:15 p.m.•5 views

CVE-2019-17303

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user...

8.8CVSS7.4AI score0.01401EPSS

OSV•added 2019/10/07 4:15 p.m.•4 views

CVE-2019-17310

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user...

7.2CVSS7.2AI score0.01353EPSS

OSV•added 2019/10/07 4:15 p.m.•3 views

CVE-2019-17304

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...

7.2CVSS5.8AI score0.01353EPSS

Prion•added 2019/10/07 4:15 p.m.•17 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...

6.5CVSS8.8AI score0.01401EPSS

Prion•added 2019/10/07 4:15 p.m.•13 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user...

6.5CVSS7.2AI score0.01353EPSS

Prion•added 2019/10/07 4:15 p.m.•18 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user...

6.5CVSS7.2AI score0.01353EPSS

Prion•added 2019/10/07 4:15 p.m.•14 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user...

6.5CVSS8.8AI score0.01401EPSS

Prion•added 2019/10/07 4:15 p.m.•17 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user...

6.5CVSS7.2AI score0.01353EPSS

Prion•added 2019/10/07 4:15 p.m.•17 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user...

6.5CVSS8.8AI score0.01401EPSS

Cvelist•added 2019/10/07 3:5 p.m.•31 views

CVE-2019-17299

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user...

7.3AI score0.01353EPSS

CVE•added 2019/10/07 3:5 p.m.•47 views

CVE-2019-17299

CVE-2019-17299 affects SugarCRM before 8.0.4 and 9.x before 9.0.2. The vulnerability is a PHP code injection in the Administration module that can be exploited by an Admin user. Several connected sources corroborate that the issue stems from insufficient input validation, enabling code injection ...

7.2CVSS7.2AI score0.01353EPSS