Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Sugarcrm Subscribe
Filtered by product Sugarcrm
Total 63 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-17312 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user.
CVE-2019-17311 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the attachment function by a Regular user.
CVE-2019-17310 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 7.2 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user.
CVE-2019-17309 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 7.2 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the EmailMan module by an Admin user.
CVE-2019-17308 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user.
CVE-2019-17307 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 7.2 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Tracker module by an Admin user.
CVE-2019-17306 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 7.2 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Configurator module by an Admin user.
CVE-2019-17305 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user.
CVE-2019-17304 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 7.2 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user.
CVE-2019-17303 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user.
CVE-2019-17302 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user.
CVE-2019-17301 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 7.2 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user.
CVE-2019-17300 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user.
CVE-2019-17299 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 7.2 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user.
CVE-2019-17298 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Administration module by a Developer user.
CVE-2019-17297 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Quotes module by a Regular user.
CVE-2019-17296 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user.
CVE-2019-17295 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a Regular user.
CVE-2019-17294 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user.
CVE-2019-17293 1 Sugarcrm 1 Sugarcrm 2024-11-21 6.5 MEDIUM 8.8 HIGH
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Project module by a Regular user.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024