23 matches found

EUVD
added 2026/03/19 10:48 p.m. · 3 views

EUVD-2026-13359

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM 7.15.0 contains a reflected HTML injection vulnerability in the login page that allows attackers to inject arbitrary HTML content, enabling phishing attacks and page defacement. Versio...

7.1 CVSS · 5.9 AI score · 0.00164 EPSS
Exploits 0 · References 1
OSV
added 2025/11/08 12:15 a.m. · 5 views

CVE-2025-64489 SuiteCRM: Privilege Escalation via Improper Session Invalidation and Inactive User Bypass

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 7.14.7 and prior, 8.0.0-beta.1 through 8.9.0 contain a privilege escalation vulnerability where user sessions are not invalidated upon account deactivation. An inactive user with an...

8.3 CVSS · 7 AI score · 0.00302 EPSS
Exploits 0 · References 5
EUVD
added 2025/10/07 12:30 a.m. · 5 views

EUVD-2010-2388

Malware in sbrugna...

3 CVSS · 6.3 AI score · 0.0027 EPSS
Exploits 0 · References 2
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2024-17382

Malicious code in bioql PyPI...

9.9 CVSS · 9 AI score · 0.00856 EPSS
Exploits 1 · References 2
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2023-58628

Malicious code in bioql PyPI...

5 CVSS · 5.3 AI score · 0.0046 EPSS
Exploits 1 · References 4
OSV
added 2025/01/01 7:18 a.m. · 16 views

BIT-SUITECRM-2024-1644 Suite CRM v7.14.2 - RCE via Local File Inclusion

Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI...

9.9 CVSS · 8.9 AI score · 0.00856 EPSS
Exploits 1 · References 3
OSV
added 2024/03/06 11:5 a.m. · 14 views

BIT-SUITECRM-2023-6388 Suite CRM v7.14.2 - SSRF

Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF...

5 CVSS · 5.1 AI score · 0.0046 EPSS
Exploits 1 · References 3
NVD
added 2024/02/20 12:15 a.m. · 17 views

CVE-2024-1644

Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI...

9.9 CVSS · 9.3 AI score · 0.00856 EPSS
Exploits 1 · References 2
OSV
added 2024/02/20 12:15 a.m. · 8 views

CVE-2024-1644

Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI...

8.8 CVSS · 9.1 AI score
Exploits 0 · References 2
Prion
added 2024/02/20 12:15 a.m. · 19 views

Code injection

Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI...

6.5 CVSS · 6.9 AI score · 0.00856 EPSS
Exploits 1 · References 2
Vulnrichment
added 2024/02/19 11:54 p.m. · 15 views

CVE-2024-1644 Suite CRM v7.14.2 - RCE via Local File Inclusion

Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI...

9.9 CVSS · 6.7 AI score · 0.00856 EPSS
Exploits 1 · References 2
CVE
added 2024/02/19 11:54 p.m. · 109 views

CVE-2024-1644

CVE-2024-1644 affects SuiteCRM v7.14.2, where a Local File Inclusion (LFI) vulnerability allows including local PHP files. Multiple connected sources describe the issue as a code vulnerability enabling LFI, with some references explicitly noting possible Remote Code Execution (RCE) via LFI. The r...

9.9 CVSS · 9.3 AI score · 0.00856 EPSS
Exploits 1 · References 2 · Affected Software 1
Cvelist
added 2024/02/19 11:54 p.m. · 29 views

CVE-2024-1644 Suite CRM v7.14.2 - RCE via Local File Inclusion

Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI...

9.9 CVSS · 9.3 AI score · 0.00856 EPSS
Exploits 1 · References 2
NVD
added 2024/02/07 3:15 a.m. · 16 views

CVE-2023-6388

Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF...

5 CVSS · 5.2 AI score · 0.0046 EPSS
Exploits 1 · References 3
OSV
added 2024/02/07 3:15 a.m. · 6 views

CVE-2023-6388

Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF...

5 CVSS · 5.4 AI score
Exploits 0 · References 3
Prion
added 2024/02/07 3:15 a.m. · 15 views

Server side request forgery (ssrf)

Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF...

4 CVSS · 7.3 AI score · 0.0046 EPSS
Exploits 1 · References 2 · Affected Software 1
CVE
added 2024/02/07 2:47 a.m. · 76 views

CVE-2023-6388

SuiteCRM 7.14.2 is affected by an SSRF vulnerability that allows an attacker to make arbitrary HTTP requests through the vulnerable server. Root cause: SSRF in the application; impact is the ability to trigger outbound requests via the server. Remediation: upgrade to a version that fixes the SSRF...

5 CVSS · 5.3 AI score · 0.0046 EPSS
Exploits 1 · References 3 · Affected Software 1
Vulnrichment
added 2024/02/07 2:47 a.m. · 16 views

CVE-2023-6388 Suite CRM v7.14.2 - SSRF

Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF...

5 CVSS · 5.3 AI score · 0.0046 EPSS
Exploits 1 · References 3
Cvelist
added 2024/02/07 2:47 a.m. · 19 views

CVE-2023-6388 Suite CRM v7.14.2 - SSRF

Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF...

5 CVSS · 5.5 AI score · 0.0046 EPSS
Exploits 1 · References 3
Positive Technologies
added 2024/01/05 12:0 a.m. · 4 views

PT-2024-3586 · Suitecrm · Suitecrm

Name of the Vulnerable Software and Affected Versions: Suite CRM version 7.14.2
Description: The issue is related to a Local File Inclusion (LFI) vulnerability, which allows an attacker to include local PHP files. This can enable a remote attacker to run or open files on the web server without havi...

9.9 CVSS · 6.9 AI score · 0.00856 EPSS
Exploits 1 · References 18