Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sugarcrm vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-7472
An authorization bypass and PHP local-file-include vulnerability in the installation component of SugarCRM prior to 8.0, 8.0 prior to 8.0.7, 9.0 prior to 9.0.4, and 10.0 prior to 10.0.0 allows for unauthenticated remote code execution against a configured SugarCRM instance via cr...
Sugarcrm Sugarcrm
3.5
CVSSv2
CVE-2020-17372
SugarCRM prior to 10.1.0 (Q3 2020) allows XSS.
Sugarcrm Sugarcrm
3.5
CVSSv2
CVE-2020-17373
SugarCRM prior to 10.1.0 (Q3 2020) allows SQL Injection.
Sugarcrm Sugarcrm
7.5
CVSSv2
CVE-2012-0694
SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote malicious users to execute arbitrary PHP code.
Sugarcrm Sugarcrm
2 EDB exploits
6.5
CVSSv2
CVE-2019-17303
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user.
Sugarcrm Sugarcrm
6.5
CVSSv2
CVE-2019-17305
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user.
Sugarcrm Sugarcrm
6.5
CVSSv2
CVE-2019-17307
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the Tracker module by an Admin user.
Sugarcrm Sugarcrm
6.5
CVSSv2
CVE-2019-17311
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows directory traversal in the attachment function by a Regular user.
Sugarcrm Sugarcrm
6.5
CVSSv2
CVE-2019-17300
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the Administration module by a Developer user.
Sugarcrm Sugarcrm
6.5
CVSSv2
CVE-2019-17301
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user.
Sugarcrm Sugarcrm
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »