Filtered by vendor Sugarcrm
Subscribe
Total
62 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-4086 | 1 Sugarcrm | 1 Sugar Suite | 2011-03-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter. | |||||
| CVE-2009-2146 | 1 Sugarcrm | 1 Sugarcrm | 2009-06-24 | 6.0 MEDIUM | N/A |
| Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct request to a modified filename under cache/modules/Emails/, as demonstrated using .php as the entire original name. | |||||