Vulnerability Details CVE-2005-4087
PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.038
EPSS Ranking 87.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://securityreason.com/securityalert/239
- http://www.securityfocus.com/archive/1/418840
- http://www.securityfocus.com/bid/15760
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23541
- http://securityreason.com/securityalert/239
- http://www.securityfocus.com/archive/1/418840
- http://www.securityfocus.com/bid/15760
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23541
Products affected by CVE-2005-4087
-
cpe:2.3:a:sugarcrm:sugar_suite:3.5
-
cpe:2.3:a:sugarcrm:sugar_suite:4.0_beta