3 results (0.008 seconds)

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before 4.2.1 Patch C (20060917) has unspecified impact, related to code execution, and unspecified attack vectors. Vulnerabilidad no especificada en Sugar Suite Open Source (SugarCRM) anterior a 4.2.1 Patch C (20060917) tiene impacto no especificado, relacionado con ejecución de código, y vectores de ataque no especificados. • http://secunia.com/advisories/22110 http://www.securityfocus.com/bid/20217 http://www.sugarcrm.com/forums/showthread.php?t=16348 http://www.vupen.com/english/advisories/2006/3783 https://exchange.xforce.ibmcloud.com/vulnerabilities/29182 •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 4

Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter. • https://www.exploit-db.com/exploits/1359 https://www.exploit-db.com/exploits/1364 http://rgod.altervista.org/sugar_suite_40beta.html http://secunia.com/advisories/17948 http://securitytracker.com/id?1015322 http://www.securityfocus.com/archive/1/418840 http://www.securityfocus.com/bid/15760 http://www.vupen.com/english/advisories/2005/2800 •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 4

PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter. • https://www.exploit-db.com/exploits/1359 https://www.exploit-db.com/exploits/1364 http://securityreason.com/securityalert/239 http://www.securityfocus.com/archive/1/418840 http://www.securityfocus.com/bid/15760 https://exchange.xforce.ibmcloud.com/vulnerabilities/23541 •