CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6131 – Code Injection in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-6131
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Inyección de código en el repositorio de GitHub salesagility/suitecrm anterior a 7.14.2, 7.12.14, 8.4.2. • https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9 https://huntr.com/bounties/5fa50b25-f6b1-408c-99df-4442c86c563f • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6130 – Path Traversal: '\..\filename' in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-6130
Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Path Traversal: '\..\filename' en el repositorio de GitHub salesagility/suitecrm anterior a 7.14.2, 7.12.14, 8.4.2. • https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9 https://huntr.com/bounties/22a27be9-f016-4daf-9887-c77eb3e1dc74 • CWE-29: Path Traversal: '\..\filename' •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6128 – Cross-site Scripting (XSS) - Reflected in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-6128
Cross-site Scripting (XSS) - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Cross-site Scripting (XSS) Reflejados en el repositorio de GitHub salesagility/suitecrm anteriores a 7.14.2, 7.12.14, 8.4.2. • https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9 https://huntr.com/bounties/51406547-1961-45f2-a416-7f14fd775d2d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6127 – Unrestricted Upload of File with Dangerous Type in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-6127
Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Carga sin restricciones de archivos con tipo peligroso en el repositorio de GitHub salesagility/suitecrm anterior a 7.14.2, 7.12.14, 8.4.2. • https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9 https://huntr.com/bounties/bf10c72b-5d2e-4c9a-9bd6-d77bdf31027d • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-6126 – Code Injection in salesagility/suitecrm
https://notcve.org/view.php?id=CVE-2023-6126
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Inyección de código en el repositorio de GitHub salesagility/suitecrm anterior a 7.14.2, 7.12.14, 8.4.2. • https://github.com/salesagility/suitecrm/commit/54bc56c3bd9f1db75408db1c1d7d652c3f5f71e9 https://huntr.com/bounties/e22a9be3-3273-42cb-bfcc-c67a1025684e • CWE-94: Improper Control of Generation of Code ('Code Injection') •