Filter
AND
Versions
7.11.0
6
7.10.0
4
8.4.1
4
2.0.1c
3
3.5
3
5.0.0
3
5.2c
3
5.2d
3
5.2e
3
6.5.18
3
7.14.0
3
7.14.1
3
8.0.0
3
8.4.0
3
1.0
2
1.0f
2
1.0g
2
1.1
2
1.1a
2
1.1b
2
1.1c
2
1.1d
2
1.1e
2
1.1f
2
1.5d
2
2.0.1
2
2.0.1a
2
3.5.1
2
4.0
2
4.1
2
4.2
2
4.5.0f
2
4.5.1
2
5.0.0h
2
5.0.0k
2
5.1.0
2
5.1.0-beta
2
5.1c
2
5.2.0g
2
5.2a
2
5.2f
2
5.2g
2
5.2h
2
5.5-beta1
2
5.5-beta2
2
5.5.0
2
6.1.0
2
6.5.26
2
7.0.0
2
7.11.13
2
3.0.1
1
4.0.1
1
4.0_beta
1
4.2.1
1
4.5.0
1
4.5.1i
1
4.5.1o
1
5.1l
1
5.5.1
1
5.5.2
1
5.5.3
1
5.5.4
1
5.5a
1
6.0
1
6.0.1
1
6.0.2
1
6.0.3
1
6.1.1
1
6.1.2
1
6.5.0
1
7.10.00
1
7.11.10
1
7.14.2
1
7.7.2.2
1
7.8.0.0
1
7.8.0.1
1
7.8.1.0
1
7.8.2.0
1
7.8.2.1
1
7.9.0.0
1
7.9.0.1
1
7.9.1.0
1
9.0.0
1
SugarCRMCross-site Scripting (XSS) - Reflected in salesagility/suitecrm
6.8
EPSS
0.04%
First published (updated )
SugarCRMSuiteCRM has Unauthenticated Graphql Introspection Enabled
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SuiteCRM
6.5
First published (updated )
SugarCRMAuthenticated XSS in "Publish Key" Field Allowing Unauthorized Administrator User Creation in SuiteCRM
5.4
First published (updated )
SugarCRMSuiteCRM-Core Host Header Injection in /legacy
6.1
First published (updated )
SugarCRMServer-Side Request Forgery (SSRF) in salesagility/suitecrm
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMUnrestricted Upload of File with Dangerous Type in salesagility/suitecrm
5.4
EPSS
0.04%
First published (updated )
SugarCRMThe install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, w…
6.4
First published (updated )
SugarCRMSugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to gain sensitive information via ce…
First published (updated )
SugarCRM Sugar SuiteDirectory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relations…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSugar Suite Open Source (SugarCRM) 4.2 and earlier, when register_globals is enabled, does not prote…
6.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 does not correctly implement the .htacce…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files.
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.