Lucene search
K

145 matches found

Prion
Prion
added 2019/10/07 4:15 p.m.10 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user...

6.5CVSS8.8AI score0.01401EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/07 4:15 p.m.19 views

Directory traversal

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the attachment function by a Regular user...

6.5CVSS8.6AI score0.01981EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/07 4:15 p.m.20 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user...

6.5CVSS8.8AI score0.01401EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/07 4:15 p.m.9 views

Sql injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmseProject module by a Regular user...

6.5CVSS9AI score0.01163EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/07 4:15 p.m.10 views

Sql injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a Regular user...

6.5CVSS9AI score0.01163EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/07 4:15 p.m.11 views

Directory traversal

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user...

6.5CVSS8.6AI score0.01981EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/07 4:15 p.m.11 views

Sql injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user...

6.5CVSS9AI score0.01163EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/07 4:15 p.m.10 views

Sql injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user...

6.5CVSS9AI score0.01163EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/07 4:15 p.m.16 views

Sql injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Quotes module by a Regular user...

6.5CVSS9AI score0.01163EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/10/07 3:15 p.m.15 views

CVE-2019-17318

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmseInbox module by a Regular user...

8.8CVSS9.1AI score0.01163EPSS
Exploits0References1
OSV
OSV
added 2019/10/07 3:15 p.m.4 views

CVE-2019-17318

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmseInbox module by a Regular user...

8.8CVSS7.3AI score0.01163EPSS
Exploits0References1
NVD
NVD
added 2019/10/07 3:15 p.m.11 views

CVE-2019-17319

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user...

8.8CVSS9.1AI score0.01173EPSS
Exploits0References1
OSV
OSV
added 2019/10/07 3:15 p.m.4 views

CVE-2019-17319

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user...

8.8CVSS5.8AI score0.01173EPSS
Exploits0References1
OSV
OSV
added 2019/10/07 3:15 p.m.3 views

CVE-2019-17316

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Import module by a Regular user...

8.8CVSS7.3AI score0.01488EPSS
Exploits0References1
Prion
Prion
added 2019/10/07 3:15 p.m.11 views

Sql injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user...

6.5CVSS9AI score0.01173EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/07 3:15 p.m.14 views

Code injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Import module by a Regular user...

6.5CVSS8.8AI score0.01488EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2019/10/07 3:15 p.m.16 views

Sql injection

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmseInbox module by a Regular user...

6.5CVSS9AI score0.01163EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/10/07 3:5 p.m.15 views

CVE-2019-17294

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user...

9.1AI score0.01163EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/10/07 3:5 p.m.13 views

CVE-2019-17295

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a Regular user...

9.1AI score0.01163EPSS
Exploits0References1
CVE
CVE
added 2019/10/07 3:5 p.m.47 views

CVE-2019-17296

SugarCRM is vulnerable to SQL injection in the Contacts module on versions before 8.0.4 and 9.x before 9.0.2 due to input validation issues; a regular user can exploit it. The CVE notes these fixes in 8.0.4 and 9.0.2. No exploitation details are provided in the connected documents.

8.8CVSS9AI score0.01163EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder