Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suitecrm vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-6506
SuiteCRM prior to 7.8.28, 7.9.x and 7.10.x prior to 7.10.15, and 7.11.x prior to 7.11.3 allows SQL Injection.
Salesagility Suitecrm 7.11.0
NA
CVE-2023-6388
Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF.
Salesagility Suitecrm 7.14.2
578
VMScore
CVE-2022-27474
SuiteCRM v7.11.23 exists to allow remote code execution via a crafted payload injected into the FirstName text field.
Salesagility Suitecrm 7.11.23
NA
CVE-2023-47643
SuiteCRM is a Customer Relationship Management (CRM) software application. Prior to version 8.4.2, Graphql Introspection is enabled without authentication, exposing the scheme defining all object types, arguments, and functions. An attacker can obtain the GraphQL schema and under...
Salesagility Suitecrm 8.4.1
NA
CVE-2020-28320
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none
312
VMScore
CVE-2021-31792
XSS in the client account page in SuiteCRM prior to 7.11.19 allows an malicious user to inject JavaScript via the name field
409
VMScore
CVE-2015-5946
Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.
Sugarcrm Sugarcrm 6.5.22
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7