Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suitecrm vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-8803
SuiteCRM up to and including 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via add_to_prospect_list.
Salesagility Suitecrm
6.5
CVSSv3
CVE-2020-8804
SuiteCRM up to and including 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module.
Salesagility Suitecrm
9.8
CVSSv3
CVE-2020-8783
SuiteCRM 7.10.x versions before 7.10.23 and 7.11.x versions before 7.11.11 allow SQL Injection (issue 1 of 4).
Salesagility Suitecrm
9.8
CVSSv3
CVE-2020-8786
SuiteCRM 7.10.x versions before 7.10.23 and 7.11.x versions before 7.11.11 allow SQL Injection (issue 4 of 4).
Salesagility Suitecrm
8.8
CVSSv3
CVE-2020-8800
SuiteCRM up to and including 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.
Salesagility Suitecrm
8.8
CVSSv3
CVE-2021-41869
SuiteCRM 7.10.x prior to 7.10.33 and 7.11.x prior to 7.11.22 is vulnerable to privilege escalation.
Salesagility Suitecrm
6.5
CVSSv3
CVE-2022-0754
SQL Injection in GitHub repository salesagility/suitecrm before 7.12.5.
Salesagility Suitecrm
4.3
CVSSv3
CVE-2022-0755
Missing Authorization in GitHub repository salesagility/suitecrm before 7.12.5.
Salesagility Suitecrm
6.5
CVSSv3
CVE-2022-0756
Missing Authorization in GitHub repository salesagility/suitecrm before 7.12.5.
Salesagility Suitecrm
8.8
CVSSv3
CVE-2023-3627
Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/suitecrm-core before 8.3.1.
Salesagility Suitecrm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »