CVEDB API - Fast Vulnerability Dashboard

Vulnerabilities

Vulnerable Software

Salesagility: >> Suitecrm >> 7.10.21 Security Vulnerabilities

CVE-2020-8802

SuiteCRM through 7.11.11 has Incorrect Access Control via action_saveHTMLField Bean Manipulation.

CVSS Score

9.8

EPSS Score

0.005

Published

2020-02-13

CVE-2020-8803

SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via add_to_prospect_list.

CVSS Score

9.8

EPSS Score

0.01

Published

2020-02-13

CVE-2020-8804

SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module.

CVSS Score

6.5

EPSS Score

0.004

Published

2020-02-13

CVE-2020-8800

SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.

CVSS Score

8.8

EPSS Score

0.005

Published

2020-02-13

Prev

Page 7

Products

Pricing

Contact Us

support@shodan.io

Shodan ® - All rights reserved