Published: 13/02/2020 Updated: 25/02/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Vulnerability Summary

SuiteCRM up to and including 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

salesagility suitecrm

Mailing Lists

SuiteCRM versions 71110 and below suffer from multiple remote SQL injection vulnerabilities ...
---------------------------------------------------------- SuiteCRM <= 71110 Multiple SQL Injection Vulnerabilities ---------------------------------------------------------- [-] Software Link: suitecrmcom/ [-] Affected Versions: Version 71110 and prior versions [-] Vulnerabilities Description: data from the database th ...