Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sugarcrm sugarcrm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2012-0694
SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote malicious users to execute arbitrary PHP code.
Sugarcrm Sugarcrm
2 EDB exploits
8.8
CVSSv3
CVE-2019-17318
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user.
Sugarcrm Sugarcrm
9.8
CVSSv3
CVE-2014-3244
XML external entity (XXE) vulnerability in the RSSDashlet dashlet in SugarCRM prior to 6.5.17 allows remote malicious users to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.
Sugarcrm Sugarcrm
5.4
CVSSv3
CVE-2020-17372
SugarCRM prior to 10.1.0 (Q3 2020) allows XSS.
Sugarcrm Sugarcrm
7.2
CVSSv3
CVE-2019-17292
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user.
Sugarcrm Sugarcrm
8.8
CVSSv3
CVE-2019-17293
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the pmse_Project module by a Regular user.
Sugarcrm Sugarcrm
8.8
CVSSv3
CVE-2019-17294
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the export function by a Regular user.
Sugarcrm Sugarcrm
8.8
CVSSv3
CVE-2019-17295
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the history function by a Regular user.
Sugarcrm Sugarcrm
8.8
CVSSv3
CVE-2019-17296
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the Contacts module by a Regular user.
Sugarcrm Sugarcrm
8.8
CVSSv3
CVE-2019-17297
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the Quotes module by a Regular user.
Sugarcrm Sugarcrm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »