Shodan
Vulnerabilities
Vulnerable Software
Sugarcrm:  >> Sugarcrm  >> 7.9.0.0  Security Vulnerabilities
CVE-2019-17292
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user.
CVSS Score
7.2
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17293
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Project module by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17294
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17295
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17296
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17317
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the UpgradeWizard module by an Admin user.
CVSS Score
7.2
EPSS Score
0.008
Published
2019-10-07
CVE-2019-17318
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17319
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-10-07
CVE-2019-17315
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.
CVSS Score
7.2
EPSS Score
0.009
Published
2019-10-07
CVE-2019-17316
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Import module by a Regular user.
CVSS Score
8.8
EPSS Score
0.011
Published
2019-10-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved