Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2019
CVE-2019-17292
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user.
CVSS Score
7.2
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17293
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Project module by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17294
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17295
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17296
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17317
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the UpgradeWizard module by an Admin user.
CVSS Score
7.2
EPSS Score
0.008
Published
2019-10-07
CVE-2019-17318
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17319
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2015-9450
The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_cc pmfb_tid parameter.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-10-07
CVE-2015-9451
The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the wp-admin/admin-ajax.php?action=pmfb_mailchimp pmfb_tid parameter.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-10-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved