Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sugarcrm vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-7472
An authorization bypass and PHP local-file-include vulnerability in the installation component of SugarCRM prior to 8.0, 8.0 prior to 8.0.7, 9.0 prior to 9.0.4, and 10.0 prior to 10.0.0 allows for unauthenticated remote code execution against a configured SugarCRM instance via cr...
Sugarcrm Sugarcrm
312
VMScore
CVE-2020-17372
SugarCRM prior to 10.1.0 (Q3 2020) allows XSS.
Sugarcrm Sugarcrm
312
VMScore
CVE-2020-17373
SugarCRM prior to 10.1.0 (Q3 2020) allows SQL Injection.
Sugarcrm Sugarcrm
760
VMScore
CVE-2012-0694
SugarCRM CE <= 6.3.1 contains scripts that use "unserialize()" with user controlled input which allows remote malicious users to execute arbitrary PHP code.
Sugarcrm Sugarcrm
2 EDB exploits
578
VMScore
CVE-2019-17292
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user.
Sugarcrm Sugarcrm
578
VMScore
CVE-2019-17294
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the export function by a Regular user.
Sugarcrm Sugarcrm
578
VMScore
CVE-2019-17298
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows SQL injection in the Administration module by a Developer user.
Sugarcrm Sugarcrm
578
VMScore
CVE-2019-17299
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the Administration module by an Admin user.
Sugarcrm Sugarcrm
578
VMScore
CVE-2019-17300
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the Administration module by a Developer user.
Sugarcrm Sugarcrm
578
VMScore
CVE-2019-17302
SugarCRM prior to 8.0.4 and 9.x prior to 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user.
Sugarcrm Sugarcrm
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »