Vulnerabilities (CVE)

Vendor filter

Sugarcrm Subscribe

Filter

54 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-17292 1 Sugarcrm 1 Sugarcrm 2019-10-10 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user.
CVE-2019-17293 1 Sugarcrm 1 Sugarcrm 2019-10-10 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Project module by a Regular user.
CVE-2019-17294 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user.
CVE-2019-17315 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.
CVE-2019-17316 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Import module by a Regular user.
CVE-2019-17317 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the UpgradeWizard module by an Admin user.
CVE-2019-17298 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Administration module by a Developer user.
CVE-2019-17299 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user.
CVE-2019-17300 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user.
CVE-2019-17301 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user.
CVE-2019-17319 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user.
CVE-2019-17302 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by a Developer user.
CVE-2019-17303 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Developer user.
CVE-2019-17304 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by an Admin user.
CVE-2019-17305 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the MergeRecords module by a Regular user.
CVE-2019-17306 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Configurator module by an Admin user.
CVE-2019-17307 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Tracker module by an Admin user.
CVE-2019-17308 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Emails module by a Regular user.
CVE-2019-17309 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the EmailMan module by an Admin user.
CVE-2019-17310 1 Sugarcrm 1 Sugarcrm 2019-10-09 6.5
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user.