CVE-2025-54783
- EPSS 0.03%
- Published 07.08.2025 00:05:11
- Last modified 12.08.2025 20:56:37
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Versions 7.14.6 and below have a Reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability allows an attacker to execute JavaScript...
CVE-2025-54788
- EPSS 0.07%
- Published 06.08.2025 23:48:55
- Last modified 14.08.2025 20:12:35
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions and below, the InboundEmail module allows the arbitrary execution of queries in the backend database, leading to SQL injection. This...
CVE-2025-54785
- EPSS 0.13%
- Published 06.08.2025 23:15:16
- Last modified 13.08.2025 18:12:57
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, user-supplied input is not validated/sanitized before it is passed to the unserialize function, which could lead ...
CVE-2019-18785
- EPSS 0.24%
- Published 20.03.2020 01:15:24
- Last modified 21.11.2024 04:33:33
SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 mishandles API access tokens and credentials.