Filter
AND
Versions
SugarCRMAuthenticated Blind SQL Injection in DeleteRelationShip in SuiteCRM
8.8
First published (updated )
SugarCRMAuthenticated SQL injection in AM_ProjectTemplates controller in SuiteCRM
8.8
First published (updated )
SugarCRMSuiteCRM has wrong deletion permission checks on API delete call
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSuiteCRM authenticated Server-Side Request Forgery
7.7
First published (updated )
SugarCRMSuiteCRM authenticated Reflected Cross-Site Scripting
8.9
First published (updated )
SugarCRMCode Injection in salesagility/suitecrm
8.8
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMPath Traversal: '\..\filename' in salesagility/suitecrm
8.8
EPSS
0.05%
First published (updated )
SugarCRMCode Injection in salesagility/suitecrm
8.8
EPSS
0.05%
First published (updated )
SugarCRMImproper Access Control in salesagility/suitecrm
8.1
First published (updated )
SugarCRMCross-site Scripting (XSS) - Stored in salesagility/suitecrm
8.9
First published (updated )
SugarCRMCross-Site Request Forgery (CSRF) in salesagility/suitecrm-core
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMCross-site Scripting (XSS) - Stored in salesagility/suitecrm-core
7.6
First published (updated )
SugarCRMPath Traversal: '\..\filename' in salesagility/suitecrm
8.8
First published (updated )
SugarCRMSuiteCRM v7.11.23 was discovered to allow remote code execution via a crafted payload injected into …
7.2
First published (updated )
SugarCRMSuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users with…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMMissing Authorization in salesagility/suitecrm
7.1
First published (updated )
SugarCRMSuiteCRM before 7.12.3 and 8.x before 8.0.2 allows remote code execution.
8.8
First published (updated )
SugarCRMSuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation.
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSuiteCRM - Account Takeover in Password Reset Functionality
8
First published (updated )
SugarCRMSuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opp…
7.8
First published (updated )
SugarCRMSuiteCRM through 7.11.11 allows PHAR Deserialization.
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.