CVSS: 8.1EPSS: 3%CPEs: 1EXPL: 2CVE-2015-5947
https://notcve.org/view.php?id=CVE-2015-5947
SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. SuiteCRM, en versiones anteriores a la 7.2.3, permite que atacantes remotos ejecuten código arbitrario. • http://www.openwall.com/lists/oss-security/2015/08/06/6 https://github.com/XiphosResearch/exploits/tree/master/suiteshell https://github.com/salesagility/SuiteCRM/commit/b1b3fd61c7697ad2073cd253d31c9462929e7bb5 https://github.com/salesagility/SuiteCRM/issues/333 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 1CVE-2015-5948
https://notcve.org/view.php?id=CVE-2015-5948
Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5947. Una condición de carrera en versiones anteriores a la 7.2.3 de SuiteCRM permite que atacantes remotos ejecuten código arbitrario. NOTA: Esta vulnerabilidad existe debido a una solución incompleta para CVE-2015-5947. • http://www.openwall.com/lists/oss-security/2015/08/06/6 https://github.com/XiphosResearch/exploits/tree/master/suiteshell https://github.com/salesagility/SuiteCRM/commit/b1b3fd61c7697ad2073cd253d31c9462929e7bb5 https://github.com/salesagility/SuiteCRM/issues/333 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •