CVE-2009-2978: SQL Injection
First published: Thu Aug 27 2009(Updated: )
SQL injection vulnerability in SugarCRM 4.5.1o and earlier, 5.0.0k and earlier, and 5.2.0g and earlier, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sugarcrm Sugarcrm | =1.5d | |
| Sugarcrm Sugarcrm | =5.0.0 | |
| Sugarcrm Sugarcrm | =4.2.1 | |
| Sugarcrm Sugarcrm | =4.5.0f | |
| Sugarcrm Sugarcrm | =1.1a | |
| Sugarcrm Sugarcrm | =4.0 | |
| Sugarcrm Sugarcrm | =5.2d | |
| Sugarcrm Sugarcrm | =3.5.1 | |
| Sugarcrm Sugarcrm | =1.1b | |
| Sugarcrm Sugarcrm | =4.0.1 | |
| Sugarcrm Sugarcrm | =4.1 | |
| Sugarcrm Sugarcrm | =1.0g | |
| Sugarcrm Sugarcrm | =4.5.1 | |
| Sugarcrm Sugarcrm | =4.5.0 | |
| Sugarcrm Sugarcrm | <=4.5.1o | |
| Sugarcrm Sugarcrm | =5.2a | |
| Sugarcrm Sugarcrm | =2.0.1c | |
| Sugarcrm Sugarcrm | =1.1e | |
| Sugarcrm Sugarcrm | =2.0.1 | |
| Sugarcrm Sugarcrm | =5.2f | |
| Sugarcrm Sugarcrm | <=5.2.0g | |
| Sugarcrm Sugarcrm | =3.5 | |
| Sugarcrm Sugarcrm | =5.2c | |
| Sugarcrm Sugarcrm | =1.1c | |
| Sugarcrm Sugarcrm | =1.1f | |
| Sugarcrm Sugarcrm | =1.0 | |
| Sugarcrm Sugarcrm | =5.2e | |
| Sugarcrm Sugarcrm | <=5.0.0k | |
| Sugarcrm Sugarcrm | =2.0.1a | |
| Sugarcrm Sugarcrm | =1.1d | |
| Sugarcrm Sugarcrm | =3.0.1 | |
| Sugarcrm Sugarcrm | =1.0f | |
| Sugarcrm Sugarcrm | =5.2e | |
| Sugarcrm Sugarcrm | =5.0.0h | |
| Sugarcrm Sugarcrm | =1.1 | |
| Sugarcrm Sugarcrm | =4.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.ipa.go.jp/security/vuln/documents/2009/200908_sugarcrm.html
- http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000056.html
- http://jvn.jp/en/jp/JVN31035930/index.html
- http://secunia.com/advisories/36423
- http://www.sugarcrm.com/forums/showthread.php?t=50953
- http://www.sugarcrm.com/forums/showthread.php?t=50907
- http://www.securityfocus.com/bid/36118
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52679
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- agent/source
- vendor/sugarcrm
- canonical/sugarcrm sugarcrm
- version/sugarcrm sugarcrm/1.5d
- version/sugarcrm sugarcrm/5.0.0
- version/sugarcrm sugarcrm/4.2.1
- version/sugarcrm sugarcrm/4.5.0f
- version/sugarcrm sugarcrm/1.1a
- version/sugarcrm sugarcrm/4.0
- version/sugarcrm sugarcrm/5.2d
- version/sugarcrm sugarcrm/3.5.1
- version/sugarcrm sugarcrm/1.1b
- version/sugarcrm sugarcrm/4.0.1
- version/sugarcrm sugarcrm/4.1
- version/sugarcrm sugarcrm/1.0g
- version/sugarcrm sugarcrm/4.5.1
- version/sugarcrm sugarcrm/4.5.0
- version/sugarcrm sugarcrm/4.5.1o
- version/sugarcrm sugarcrm/5.2a
- version/sugarcrm sugarcrm/2.0.1c
- version/sugarcrm sugarcrm/1.1e
- version/sugarcrm sugarcrm/2.0.1
- version/sugarcrm sugarcrm/5.2f
- version/sugarcrm sugarcrm/5.2.0g
- version/sugarcrm sugarcrm/3.5
- version/sugarcrm sugarcrm/5.2c
- version/sugarcrm sugarcrm/1.1c
- version/sugarcrm sugarcrm/1.1f
- version/sugarcrm sugarcrm/1.0
- version/sugarcrm sugarcrm/5.2e
- version/sugarcrm sugarcrm/5.0.0k
- version/sugarcrm sugarcrm/2.0.1a
- version/sugarcrm sugarcrm/1.1d
- version/sugarcrm sugarcrm/3.0.1
- version/sugarcrm sugarcrm/1.0f
- version/sugarcrm sugarcrm/5.0.0h
- version/sugarcrm sugarcrm/1.1
- version/sugarcrm sugarcrm/4.2