Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
salesagility suitecrm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-45899
SuiteCRM prior to 7.12.3 and 8.x prior to 8.0.2 allows PHAR deserialization that can lead to remote code execution.
Salesagility Suitecrm
Salesagility Suitecrm 8.0
5.3
CVSSv3
CVE-2019-18782
SuiteCRM 7.10.x before 7.10.21 and 7.11.x before 7.11.9 does not correctly implement the .htaccess protection mechanism.
Salesagility Suitecrm
9.8
CVSSv3
CVE-2019-18784
SuiteCRM 7.10.x versions before 7.10.21 and 7.11.x versions before 7.11.9 allow SQL Injection.
Salesagility Suitecrm
9.8
CVSSv3
CVE-2020-8783
SuiteCRM 7.10.x versions before 7.10.23 and 7.11.x versions before 7.11.11 allow SQL Injection (issue 1 of 4).
Salesagility Suitecrm
8.8
CVSSv3
CVE-2022-23940
SuiteCRM up to and including 7.12.1 and 8.x up to and including 8.0.1 allows Remote Code Execution. Authenticated users with access to the Scheduled Reports module can achieve this by leveraging PHP deserialization in the email_recipients property. By using a crafted request, the...
Salesagility Suitecrm
1 Github repository
8.1
CVSSv3
CVE-2015-5948
Race condition in SuiteCRM prior to 7.2.3 allows remote malicious users to execute arbitrary code. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5947.
Salesagility Suitecrm
5.3
CVSSv3
CVE-2021-41596
SuiteCRM prior to 7.10.33 and 7.11.22 allows information disclosure via Directory Traversal. An attacker can partially include arbitrary files via the importFile parameter of the RefreshMapping import functionality.
Salesagility Suitecrm
9.8
CVSSv3
CVE-2019-12598
SuiteCRM 7.8.x prior to 7.8.30, 7.10.x prior to 7.10.17, and 7.11.x prior to 7.11.5 allows SQL Injection (issue 1 of 3).
Salesagility Suitecrm
9.8
CVSSv3
CVE-2019-12601
SuiteCRM 7.8.x prior to 7.8.30, 7.10.x prior to 7.10.17, and 7.11.x prior to 7.11.5 allows SQL Injection (issue 3 of 3).
Salesagility Suitecrm
8.8
CVSSv3
CVE-2023-1034
Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm before 7.12.9.
Salesagility Suitecrm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »