Filters

Software

salesagility suitecrm
32

SalesAgility SuiteCRMRCE in ModuleBuilder in SuiteCRM

high
8.8
First published (updated )
CVE-2024-50333

SalesAgility SuiteCRMAuthenticated Blind SQL Injection in DeleteRelationShip in SuiteCRM

high
8.8
First published (updated )
CVE-2024-50332

SalesAgility SuiteCRMModuleScanner flaws in SuiteCRM

high
7.2
First published (updated )
CVE-2024-49774

SalesAgility SuiteCRMAuthenticated SQL injection in AM_ProjectTemplates controller in SuiteCRM

high
8.8
First published (updated )
CVE-2024-49772

SalesAgility SuiteCRMSuiteCRM has wrong deletion permission checks on API delete call

high
7.7
First published (updated )
CVE-2024-45392

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SalesAgility SuiteCRMSuiteCRM authenticated RCE using connectors

high
8.8
First published (updated )
CVE-2024-36418

SalesAgility SuiteCRMSuiteCRM v4 API Excessive log data DOS

high
8.6
First published (updated )
CVE-2024-36416

SalesAgility SuiteCRMSuiteCRM authenticated Server-Side Request Forgery

high
7.7
First published (updated )
CVE-2024-36414

SalesAgility SuiteCRMSuiteCRM authenticated Reflected Cross-Site Scripting

high
8.9
First published (updated )
CVE-2024-36413

SalesAgility SuiteCRMCode Injection in salesagility/suitecrm

high
8.8
EPSS
0.05%
First published (updated )
CVE-2023-6131

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SalesAgility SuiteCRMPath Traversal: '\..\filename' in salesagility/suitecrm

high
8.8
EPSS
0.05%
First published (updated )
CVE-2023-6130

SalesAgility SuiteCRMCode Injection in salesagility/suitecrm

high
8.8
EPSS
0.05%
First published (updated )
CVE-2023-6125

SalesAgility SuiteCRMImproper Access Control in salesagility/suitecrm

high
8.1
First published (updated )
CVE-2023-5353

SalesAgility SuiteCRMCross-site Scripting (XSS) - Stored in salesagility/suitecrm

high
8.9
First published (updated )
CVE-2023-5351

SalesAgility SuiteCRMCross-Site Request Forgery (CSRF) in salesagility/suitecrm-core

high
8.8
First published (updated )
CVE-2023-3627

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SalesAgility SuiteCRMCross-site Scripting (XSS) - Stored in salesagility/suitecrm-core

high
7.6
First published (updated )
CVE-2023-3293

SalesAgility SuiteCRMPath Traversal: '\..\filename' in salesagility/suitecrm

high
8.8
First published (updated )
CVE-2023-1034

SalesAgility SuiteCRMSuiteCRM v7.11.23 was discovered to allow remote code execution via a crafted payload injected into …

high
7.2
First published (updated )
CVE-2022-27474

SalesAgility SuiteCRMSuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users with…

high
8.8
First published (updated )
CVE-2022-23940

SalesAgility SuiteCRMSQL Injection in salesagility/suitecrm

high
7.1
First published (updated )
CVE-2022-0754

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SalesAgility SuiteCRMMissing Authorization in salesagility/suitecrm

high
7.1
First published (updated )
CVE-2022-0755

SalesAgility SuiteCRMSuiteCRM before 7.12.3 and 8.x before 8.0.2 allows remote code execution.

high
8.8
First published (updated )
CVE-2021-45897

SalesAgility SuiteCRMCSRF

high
8.8
First published (updated )
CVE-2021-41597

SalesAgility SuiteCRMSQL Injection

high
8.8
First published (updated )
CVE-2021-45041

SalesAgility SuiteCRMSuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation.

high
8.8
First published (updated )
CVE-2021-41869

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SalesAgility SuiteCRMSuiteCRM - Account Takeover in Password Reset Functionality

high
8
First published (updated )
CVE-2021-25961

SalesAgility SuiteCRMSuiteCRM - CSV Injection in Accounts Module

high
8
First published (updated )
CVE-2021-25960

SalesAgility SuiteCRMSuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opp…

high
7.8
First published (updated )
CVE-2020-15301

SalesAgility SuiteCRMInput Validation

high
7.5
First published (updated )
CVE-2020-8787

SalesAgility SuiteCRMSuiteCRM through 7.11.11 allows PHAR Deserialization.

high
7.2
First published (updated )
CVE-2020-8801

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

SalesAgility SuiteCRMSuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.

high
8.8
First published (updated )
CVE-2020-8800

SalesAgility SuiteCRMRace Condition

high
8.1
First published (updated )
CVE-2015-5947

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203