Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suitecrm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-6388
Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF.
Salesagility Suitecrm 7.14.2
578
VMScore
CVE-2022-27474
SuiteCRM v7.11.23 exists to allow remote code execution via a crafted payload injected into the FirstName text field.
Salesagility Suitecrm 7.11.23
668
VMScore
CVE-2019-6506
SuiteCRM prior to 7.8.28, 7.9.x and 7.10.x prior to 7.10.15, and 7.11.x prior to 7.11.3 allows SQL Injection.
Salesagility Suitecrm 7.11.0
NA
CVE-2023-47643
SuiteCRM is a Customer Relationship Management (CRM) software application. Prior to version 8.4.2, Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and functions. An attacker can obtain the GraphQL schema and under...
Salesagility Suitecrm 8.4.1
NA
CVE-2020-28320
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none
312
VMScore
CVE-2021-31792
XSS in the client account page in SuiteCRM prior to 7.11.19 allows an malicious user to inject JavaScript via the name field
409
VMScore
CVE-2015-5946
Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.
Sugarcrm Sugarcrm 6.5.22
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7