Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salesagility suitecrm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-45899
SuiteCRM prior to 7.12.3 and 8.x prior to 8.0.2 allows PHAR deserialization that can lead to remote code execution.
Salesagility Suitecrm
Salesagility Suitecrm 8.0
9.1
CVSSv3
CVE-2023-5350
SQL Injection in GitHub repository salesagility/suitecrm before 7.14.1.
Salesagility Suitecrm
5.4
CVSSv3
CVE-2023-5351
Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm before 7.14.1.
Salesagility Suitecrm
6.5
CVSSv3
CVE-2023-5353
Improper Access Control in GitHub repository salesagility/suitecrm before 7.14.1.
Salesagility Suitecrm
8.8
CVSSv3
CVE-2023-3627
Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/suitecrm-core before 8.3.1.
Salesagility Suitecrm
8.8
CVSSv3
CVE-2023-1034
Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm before 7.12.9.
Salesagility Suitecrm
5.3
CVSSv3
CVE-2021-41595
SuiteCRM prior to 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the file_name parameter of the Step3 import functionality.
Salesagility Suitecrm
8.8
CVSSv3
CVE-2021-41597
SuiteCRM up to and including 7.11.21 is vulnerable to CSRF, with resultant remote code execution, via the UpgradeWizard functionality, if a PHP file is included in a ZIP archive.
Salesagility Suitecrm
8.8
CVSSv3
CVE-2021-41869
SuiteCRM 7.10.x prior to 7.10.33 and 7.11.x prior to 7.11.22 is vulnerable to privilege escalation.
Salesagility Suitecrm
8
CVSSv3
CVE-2021-25960
In “SuiteCRM” application, v7.11.18 through v7.11.19 and v7.10.29 through v7.10.31 are affected by “CSV Injection” vulnerability (Formula Injection). A low privileged attacker can use accounts module to inject payloads in the input fields. When an administ...
Salesagility Suitecrm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »