SugarCRM Sugar Sales 2.0.1c and previous versions allows remote malicious users to gain sensitive information via certain requests to scripts that contain invalid input, which reveals the path in an error message, as demonstrated using phprint.php with an empty module parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sugarcrm sugarcrm |