Search Results | AttackerKB

68 Total Results

Displaying 31-40 of 68

Attacker Value

Unknown

CVE-2019-17297

Disclosure Date: October 07, 2019 (last updated November 27, 2024)

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Quotes module by a Regular user.

Attacker Value

Unknown

CVE-2019-17302

Disclosure Date: October 07, 2019 (last updated November 27, 2024)

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2019-17296

Disclosure Date: October 07, 2019 (last updated November 27, 2024)

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2019-17300

Disclosure Date: October 07, 2019 (last updated November 27, 2024)

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2019-17294

Disclosure Date: October 07, 2019 (last updated November 27, 2024)

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2019-17303

Disclosure Date: October 07, 2019 (last updated November 27, 2024)

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2019-17307

Disclosure Date: October 07, 2019 (last updated November 27, 2024)

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Tracker module by an Admin user.

Attack Vector: Network Privileges: High User Interaction: None

Attacker Value

Unknown

CVE-2019-17318

Disclosure Date: October 07, 2019 (last updated November 27, 2024)

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2019-17316

Disclosure Date: October 07, 2019 (last updated November 27, 2024)

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Import module by a Regular user.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2019-17315

Disclosure Date: October 07, 2019 (last updated November 27, 2024)

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.

Attack Vector: Network Privileges: High User Interaction: None

68 Total Results

Displaying 31-40 of 68

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Unknown

Quick Cookie Notification