Filtered by vendor Salesagility
Subscribe
Total
67 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-12599 | 1 Salesagility | 1 Suitecrm | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
SuiteCRM 7.10.x before 7.10.17 and 7.11.x before 7.11.5 allows SQL Injection. | |||||
CVE-2018-20816 | 1 Salesagility | 1 Suitecrm | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the "add dashboard pages" feature where users can receive a malicious attack through a phished URL, with script executed. | |||||
CVE-2019-12598 | 1 Salesagility | 1 Suitecrm | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 1 of 3). | |||||
CVE-2019-6506 | 1 Salesagility | 1 Suitecrm | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL Injection. | |||||
CVE-2018-15606 | 1 Salesagility | 1 Suitecrm | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message. | |||||
CVE-2015-5948 | 1 Salesagility | 1 Suitecrm | 2024-02-04 | 9.3 HIGH | 8.1 HIGH |
Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5947. | |||||
CVE-2015-5947 | 1 Salesagility | 1 Suitecrm | 2024-02-04 | 6.8 MEDIUM | 8.1 HIGH |
SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. |