Suitecrm@7.10.0 Security Vulnerabilities and Issues — Suitecrm@7.10.0 CVE List

Lucene search

SalesagilitySuitecrm7.10.0

18 matches found

CVE•added 2019/09/30 1:15 p.m.•76 views

CVE-2019-14752

SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS.

6.1CVSS6.3AI score0.00312EPSS

CVE•added 2020/03/20 1:15 a.m.•76 views

CVE-2019-18782

SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 does not correctly implement the .htaccess protection mechanism.

5.3CVSS5.2AI score0.00206EPSS

CVE•added 2019/06/07 6:29 p.m.•67 views

CVE-2019-12601

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 3 of 3).

9.8CVSS9.9AI score0.00415EPSS

CVE•added 2019/06/07 6:29 p.m.•65 views

CVE-2019-12600

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 2 of 3).

9.8CVSS9.9AI score0.00415EPSS

CVE•added 2020/03/16 10:15 p.m.•62 views

CVE-2020-8783

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection (issue 1 of 4).

9.8CVSS9.8AI score0.00435EPSS

CVE•added 2020/03/16 10:15 p.m.•55 views

CVE-2020-8785

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection (issue 3 of 4).

9.8CVSS9.8AI score0.00435EPSS

CVE•added 2020/03/16 10:15 p.m.•54 views

CVE-2020-8786

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection (issue 4 of 4).

9.8CVSS9.8AI score0.00435EPSS

CVE•added 2020/03/16 10:15 p.m.•52 views

CVE-2020-8784

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection (issue 2 of 4).

9.8CVSS9.8AI score0.00435EPSS

CVE•added 2020/03/16 10:15 p.m.•48 views

CVE-2020-8787

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted.

7.5CVSS7.5AI score0.0021EPSS

CVE•added 2019/06/07 6:29 p.m.•47 views

CVE-2019-12598

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 1 of 3).

9.8CVSS9.9AI score0.00415EPSS

CVE•added 2022/01/12 8:15 p.m.•45 views

CVE-2021-41597

SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote code execution, via the UpgradeWizard functionality, if a PHP file is included in a ZIP archive.

8.8CVSS8.8AI score0.00437EPSS

CVE•added 2019/06/07 6:29 p.m.•42 views

CVE-2019-12599

SuiteCRM 7.10.x before 7.10.17 and 7.11.x before 7.11.5 allows SQL Injection.

9.8CVSS9.7AI score0.00415EPSS

CVE•added 2019/10/02 12:15 p.m.•40 views

CVE-2019-14454

SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation.

9.8CVSS9.4AI score0.00528EPSS

CVE•added 2019/09/27 4:15 p.m.•40 views

CVE-2019-16922

SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files.

5.3CVSS5.3AI score0.00237EPSS

CVE•added 2021/10/04 7:15 a.m.•39 views

CVE-2021-41869

SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation.

8.8CVSS8.7AI score0.00883EPSS

CVE•added 2019/11/06 3:15 a.m.•36 views

CVE-2019-18784

SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to 7.11.9 allow SQL Injection.

9.8CVSS9.6AI score0.00343EPSS

CVE•added 2019/10/02 12:15 p.m.•35 views

CVE-2019-13335

SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF.

9.8CVSS9.4AI score0.00588EPSS

CVE•added 2018/09/26 5:29 p.m.•32 views

CVE-2018-15606

An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message.

6.1CVSS5.9AI score0.00301EPSS