Search Results | AttackerKB

Show filters

Topics 4 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2021-45899

Disclosure Date: January 28, 2022 (last updated February 23, 2025)

SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote code execution.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-45898

Disclosure Date: January 28, 2022 (last updated October 07, 2023)

SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows local file inclusion.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2021-45897

Disclosure Date: January 28, 2022 (last updated October 07, 2023)

SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows remote code execution.

Attack Vector: Network Privileges: Low User Interaction: None

0

Attacker Value

Unknown

CVE-2021-45041

Disclosure Date: December 19, 2021 (last updated February 23, 2025)

SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resource_id and start_date.

Attack Vector: Network Privileges: Low User Interaction: None

0