Multiple SQL injection vulnerabilities in app/controllers/home_controller.rb in Fat Free CRM prior to 0.12.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the homepage timeline feature or (2) the activity feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fatfreecrm fat free crm 0.11.0 |
||
fatfreecrm fat free crm 0.9.10 |
||
fatfreecrm fat free crm |
||
fatfreecrm fat free crm 0.11.2 |
||
fatfreecrm fat free crm 0.11.1 |
||
fatfreecrm fat free crm 0.9.8 |
||
fatfreecrm fat free crm 0.9.7 |
||
fatfreecrm fat free crm 0.9.6 |
||
fatfreecrm fat free crm 0.10.1 |
||
fatfreecrm fat free crm 0.9.9 |