Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2024-1644

Disclosure Date: February 20, 2024 (last updated January 06, 2025)
Suite CRM version 7.14.2 allows including local php files. This is possible because the application is vulnerable to LFI.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-6388

Disclosure Date: February 07, 2024 (last updated February 15, 2024)
Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. This is possible because the application is vulnerable to SSRF.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0