Sugarcrm@5.2a Security Vulnerabilities and Issues — Sugarcrm@5.2a CVE List

Lucene search

SugarcrmSugarcrm5.2a

3 matches found

CVE•added 2009/08/27 6:30 p.m.•39 views

CVE-2009-2978

SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 5.0.0k and earlier, and 5.2.0g and earlier, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5CVSS8.6AI score0.00836EPSS

CVE•added 2011/03/16 10:55 p.m.•35 views

CVE-2011-0745

SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain duplicate check, which allows remote authenticated users to discover (1) the names of customers via a ShowDuplicates action to the Accounts module, reachable through index.php; or (2)...

4CVSS6.4AI score0.06028EPSS

Web

CVE•added 2010/03/19 7:30 p.m.•33 views

CVE-2010-0465

Cross-site scripting (XSS) vulnerability in the online Documents functionality in SugarCRM 5.2.x before 5.2.0l and 5.5.x before 5.5.0a allows remote authenticated users to inject arbitrary web script or HTML via the Document Name field.

4.3CVSS5.4AI score0.00285EPSS