Page 13 of 83 results (0.005 seconds)

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection (issue 3 of 4). SuiteCRM versiones 7.10.x anteriores a 7.10.23 y versiones 7.11.x anteriores a 7.11.11, permiten una Inyección SQL (problema 3 de 4). • https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_23 https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_11 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection (issue 4 of 4). SuiteCRM versiones 7.10.x anteriores a 7.10.23 y versiones 7.11.x anteriores a 7.11.11, permiten una Inyección SQL (problema 4 de 4). • https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_23 https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_11 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted. SuiteCRM versiones 7.10.x anteriores a 7.10.23 y versiones 7.11.x anteriores a 7.11.11, permite que sea enviado un ID de Bean no válido. • https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_23 https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_11 • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection (issue 1 of 4). SuiteCRM versiones 7.10.x anteriores a 7.10.23 y versiones 7.11.x anteriores a 7.11.11, permiten una Inyección SQL (problema 1 de 4). • https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_23 https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_11 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module. SuiteCRM versiones hasta 7.11.10, permite una inyección SQL por medio de la API SOAP, la interfaz EmailUIAjax o el módulo MailMerge. SuiteCRM versions 7.11.10 and below suffer from multiple remote SQL injection vulnerabilities. • http://packetstormsecurity.com/files/156331/SuiteCRM-7.11.10-SQL-Injection.html http://seclists.org/fulldisclosure/2020/Feb/7 https://suitecrm.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •