Suitecrm Security Vulnerabilities and Issues — Suitecrm CVE List

Lucene search

SalesagilitySuitecrm

14 matches found

CVE•added 2023/10/03 12:15 p.m.•88 views

CVE-2023-5350

SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1.

9.1CVSS8.1AI score0.00154EPSS

CVE•added 2023/10/03 1:15 p.m.•86 views

CVE-2023-5353

Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1.

8.1CVSS6.8AI score0.00065EPSS

CVE•added 2023/11/14 4:15 p.m.•52 views

CVE-2023-6128

Cross-site Scripting (XSS) - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

6.8CVSS5.5AI score0.0016EPSS

CVE•added 2023/11/14 4:15 p.m.•50 views

CVE-2023-6127

Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

5.4CVSS5.5AI score0.00175EPSS

CVE•added 2023/11/14 3:15 p.m.•49 views

CVE-2023-6124

Server-Side Request Forgery (SSRF) in GitHub repository salesagility/suitecrm prior to 7.14.2, 8.4.2, 7.12.14.

5CVSS4.7AI score0.00131EPSS

CVE•added 2023/11/14 5:15 p.m.•48 views

CVE-2023-6130

Path Traversal: '..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

8.8CVSS7.8AI score0.00221EPSS

CVE•added 2023/02/25 2:15 a.m.•46 views

CVE-2023-1034

Path Traversal: '..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9.

8.8CVSS6.4AI score0.01609EPSS

CVE•added 2023/11/14 4:15 p.m.•46 views

CVE-2023-6125

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

8.8CVSS7.3AI score0.00114EPSS

CVE•added 2023/11/14 5:15 p.m.•45 views

CVE-2023-6131

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

8.8CVSS7.7AI score0.0017EPSS

CVE•added 2023/11/21 8:15 p.m.•43 views

CVE-2023-47643

SuiteCRM is a Customer Relationship Management (CRM) software application. Prior to version 8.4.2, Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and functions. An attacker can obtain the GraphQL schema and understand the entire at...

5.3CVSS4.3AI score0.43187EPSS

CVE•added 2023/11/14 4:15 p.m.•42 views

CVE-2023-6126

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.

9.8CVSS7.2AI score0.00142EPSS

CVE•added 2023/10/03 12:15 p.m.•40 views

CVE-2023-5351

Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm prior to 7.14.1.

8.9CVSS5.6AI score0.00126EPSS

CVE•added 2023/07/11 5:15 p.m.•35 views

CVE-2023-3627

Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/suitecrm-core prior to 8.3.1.

8.8CVSS8.6AI score0.0007EPSS

CVE•added 2023/06/16 11:15 a.m.•27 views

CVE-2023-3293

Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0.

7.6CVSS5.1AI score0.00062EPSS