CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0266

Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the (1) return_module, (2) return_action, (3) name, (4) module, or (5) record parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.8%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2005-0266

Sugarcrm » Sugarcrm » Version: 1.0

cpe:2.3:a:sugarcrm:sugarcrm:1.0
Sugarcrm » Sugarcrm » Version: 1.0f

cpe:2.3:a:sugarcrm:sugarcrm:1.0f
Sugarcrm » Sugarcrm » Version: 1.0g

cpe:2.3:a:sugarcrm:sugarcrm:1.0g
Sugarcrm » Sugarcrm » Version: 1.1

cpe:2.3:a:sugarcrm:sugarcrm:1.1
Sugarcrm » Sugarcrm » Version: 1.1a

cpe:2.3:a:sugarcrm:sugarcrm:1.1a
Sugarcrm » Sugarcrm » Version: 1.1b

cpe:2.3:a:sugarcrm:sugarcrm:1.1b
Sugarcrm » Sugarcrm » Version: 1.1c

cpe:2.3:a:sugarcrm:sugarcrm:1.1c
Sugarcrm » Sugarcrm » Version: 1.1d

cpe:2.3:a:sugarcrm:sugarcrm:1.1d
Sugarcrm » Sugarcrm » Version: 1.1e

cpe:2.3:a:sugarcrm:sugarcrm:1.1e
Sugarcrm » Sugarcrm » Version: 1.1f

cpe:2.3:a:sugarcrm:sugarcrm:1.1f
Sugarcrm » Sugarcrm » Version: 1.5d

cpe:2.3:a:sugarcrm:sugarcrm:1.5d
Sugarcrm » Sugarcrm » Version: 2.0.1

cpe:2.3:a:sugarcrm:sugarcrm:2.0.1
Sugarcrm » Sugarcrm » Version: 2.0.1a

cpe:2.3:a:sugarcrm:sugarcrm:2.0.1a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-0266

Products

Pricing

Contact Us