RSS   Vulnerabilities for 'Suitecrm'   RSS

2019-10-02
 
CVE-2019-14454

CWE-269
 

 
SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation.

 
 
CVE-2019-13335

CWE-918
 

 
SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF.

 
2019-09-30
 
CVE-2019-14752

CWE-79
 

 
SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS.

 
2019-09-27
 
CVE-2019-16922

CWE-200
 

 
SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files.

 
2019-06-07
 
CVE-2019-12601

CWE-89
 

 
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 3 of 3).

 
 
CVE-2019-12600

CWE-89
 

 
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 2 of 3).

 
 
CVE-2019-12599

CWE-89
 

 
SuiteCRM 7.10.x before 7.10.17 and 7.11.x before 7.11.5 allows SQL Injection.

 
 
CVE-2019-12598

CWE-89
 

 
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 1 of 3).

 
2019-04-02
 
CVE-2019-6506

CWE-89
 

 
SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL Injection.

 
2017-09-06
 
CVE-2015-5948

 

 
Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5947.

 


Copyright 2019, cxsecurity.com

 

Back to Top