Filter
AND
AND
SugarCRMAuthenticated XSS in "Publish Key" Field Allowing Unauthorized Administrator User Creation in SuiteCRM
5.4
First published (updated )
SugarCRMImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SuiteCRM
6.5
First published (updated )
SugarCRMSuiteCRM-Core Host Header Injection in /legacy
6.1
First published (updated )
SugarCRMSuiteCRM unauthenticated user password reset on php7
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSuiteCRM has Unauthenticated Graphql Introspection Enabled
5.3
First published (updated )
SugarCRMCross-site Scripting (XSS) - Reflected in salesagility/suitecrm
6.8
EPSS
0.04%
First published (updated )
SugarCRMUnrestricted Upload of File with Dangerous Type in salesagility/suitecrm
5.4
EPSS
0.04%
First published (updated )
SugarCRMServer-Side Request Forgery (SSRF) in salesagility/suitecrm
EPSS
0.04%
First published (updated )
SugarCRMMissing Authorization in salesagility/suitecrm
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document.
6.1
First published (updated )
SugarCRMSuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 does not correctly implement the .htacce…
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files.
5.3
First published (updated )