CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17307

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Tracker module by an Admin user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.1%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

Products affected by CVE-2019-17307

Sugarcrm » Sugarcrm » Version: 7.9.0.0

cpe:2.3:a:sugarcrm:sugarcrm:7.9.0.0
Sugarcrm » Sugarcrm » Version: 7.9.0.1

cpe:2.3:a:sugarcrm:sugarcrm:7.9.0.1
Sugarcrm » Sugarcrm » Version: 7.9.1.0

cpe:2.3:a:sugarcrm:sugarcrm:7.9.1.0
Sugarcrm » Sugarcrm » Version: 7.9.2.0

cpe:2.3:a:sugarcrm:sugarcrm:7.9.2.0
Sugarcrm » Sugarcrm » Version: 7.9.3.0

cpe:2.3:a:sugarcrm:sugarcrm:7.9.3.0
Sugarcrm » Sugarcrm » Version: 7.9.4.0

cpe:2.3:a:sugarcrm:sugarcrm:7.9.4.0
Sugarcrm » Sugarcrm » Version: 8.0.0

cpe:2.3:a:sugarcrm:sugarcrm:8.0.0
Sugarcrm » Sugarcrm » Version: 8.0.1

cpe:2.3:a:sugarcrm:sugarcrm:8.0.1
Sugarcrm » Sugarcrm » Version: 8.0.2

cpe:2.3:a:sugarcrm:sugarcrm:8.0.2
Sugarcrm » Sugarcrm » Version: 8.0.3

cpe:2.3:a:sugarcrm:sugarcrm:8.0.3
Sugarcrm » Sugarcrm » Version: 9.0.0

cpe:2.3:a:sugarcrm:sugarcrm:9.0.0
Sugarcrm » Sugarcrm » Version: 9.0.1

cpe:2.3:a:sugarcrm:sugarcrm:9.0.1

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved