Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sugarcrm sugarcrm vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-17318
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user.
Sugarcrm Sugarcrm
9.8
CVSSv3
CVE-2020-7472
An authorization bypass and PHP local-file-include vulnerability in the installation component of SugarCRM prior to 8.0, 8.0 prior to 8.0.7, 9.0 prior to 9.0.4, and 10.0 prior to 10.0.0 allows for unauthenticated remote code execution against a configured SugarCRM instance via cr...
Sugarcrm Sugarcrm
8.8
CVSSv3
CVE-2019-17295
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the history function by a Regular user.
Sugarcrm Sugarcrm
8.8
CVSSv3
CVE-2019-17296
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the Contacts module by a Regular user.
Sugarcrm Sugarcrm
8.8
CVSSv3
CVE-2019-17298
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the Administration module by a Developer user.
Sugarcrm Sugarcrm
7.2
CVSSv3
CVE-2019-17306
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the Configurator module by an Admin user.
Sugarcrm Sugarcrm
7.2
CVSSv3
CVE-2019-17307
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the Tracker module by an Admin user.
Sugarcrm Sugarcrm
8.8
CVSSv3
CVE-2019-17308
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the Emails module by a Regular user.
Sugarcrm Sugarcrm
7.2
CVSSv3
CVE-2019-17310
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the Campaigns module by an Admin user.
Sugarcrm Sugarcrm
8.8
CVSSv3
CVE-2019-17312
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows directory traversal in the file function by a Regular user.
Sugarcrm Sugarcrm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »