Filter
-Infinity
0
Trending
SugarCRMCode Injection in salesagility/suitecrm
8.8
EPSS
0.05%
First published (updated )
SugarCRMCode Injection in salesagility/suitecrm
9.8
EPSS
0.09%
First published (updated )
SugarCRMCross-site Scripting (XSS) - Reflected in salesagility/suitecrm
6.8
EPSS
0.04%
First published (updated )
SugarCRMSuite CRM v7.14.2 - RCE via Local File Inclusion
9.9
First published (updated )
SugarCRMCross-site Scripting (XSS) - Stored in salesagility/suitecrm-core
7.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSuiteCRM has Unauthenticated Graphql Introspection Enabled
5.3
First published (updated )
SugarCRMCross-site Scripting (XSS) - Stored in salesagility/suitecrm
8.9
First published (updated )
SugarCRMImproper Access Control in salesagility/suitecrm
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation.
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SuiteCRM
6.5
First published (updated )
SugarCRMAuthenticated SQL injection in AM_ProjectTemplates controller in SuiteCRM
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMAuthenticated Blind SQL Injection in DeleteRelationShip in SuiteCRM
8.8
First published (updated )
SugarCRMAuthenticated XSS in "Publish Key" Field Allowing Unauthorized Administrator User Creation in SuiteCRM
5.4
First published (updated )
SugarCRMCross-Site Request Forgery (CSRF) in salesagility/suitecrm-core
8.8
First published (updated )
SugarCRMSuiteCRM-Core Host Header Injection in /legacy
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SugarCRMSuiteCRM has wrong deletion permission checks on API delete call
7.7
First published (updated )
SugarCRMServer-Side Request Forgery (SSRF) in salesagility/suitecrm
EPSS
0.04%
First published (updated )
SugarCRMUnrestricted Upload of File with Dangerous Type in salesagility/suitecrm
5.4
EPSS
0.04%
First published (updated )
SugarCRMPath Traversal: '\..\filename' in salesagility/suitecrm
8.8
EPSS
0.05%
First published (updated )
SugarCRMCode Injection in salesagility/suitecrm
8.8
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.