Show filters
717 Total Results
Displaying 391-400 of 717
Sort by:
Attacker Value
Unknown

CVE-2019-17305

Disclosure Date: October 07, 2019 (last updated November 27, 2024)
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17299

Disclosure Date: October 07, 2019 (last updated November 27, 2024)
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17297

Disclosure Date: October 07, 2019 (last updated November 27, 2024)
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Quotes module by a Regular user.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17302

Disclosure Date: October 07, 2019 (last updated November 27, 2024)
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17296

Disclosure Date: October 07, 2019 (last updated November 27, 2024)
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17300

Disclosure Date: October 07, 2019 (last updated November 27, 2024)
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17294

Disclosure Date: October 07, 2019 (last updated November 27, 2024)
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17303

Disclosure Date: October 07, 2019 (last updated November 27, 2024)
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17307

Disclosure Date: October 07, 2019 (last updated November 27, 2024)
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Tracker module by an Admin user.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2019-17318

Disclosure Date: October 07, 2019 (last updated November 27, 2024)
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
View More Topics  < Previous  Next >