6 matches found
EUVD-2024-36074
Malicious code in bioql PyPI...
EUVD-2021-32614
Malicious code in bioql PyPI...
CVE-2025-54785 SuiteCRM is Vulnerable to PHP Object Injection in Reports
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. In versions 7.14.6 and 8.8.0, user-supplied input is not validated/sanitized before it is passed to the unserialize function, which could lead to penetration, privilege escalation, sensitive da...
CVE-2023-47643
SuiteCRM is a Customer Relationship Management CRM software application. Prior to version 8.4.2, Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and functions. An attacker can obtain the GraphQL schema and understand the entire...
CVE-2020-8787
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted...
CVE-2021-45899
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote code execution...