SalesAgility SuiteCRM
24 CVEs affecting SalesAgility SuiteCRM. Latest disclosed: 2024-11-05. Critical: 6, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2024-36412 | Critical | 10.0 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in events response… |
| CVE-2024-36411 | Critical | 9.6 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for… |
| CVE-2024-36410 | Critical | 9.6 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for… |
| CVE-2024-36409 | Critical | 9.6 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for… |
| CVE-2024-36408 | Critical | 9.6 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for… |
| CVE-2024-36415 | Critical | 9.1 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in uploaded file ve… |
| CVE-2024-36413 | High | 8.9 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in the import modul… |
| CVE-2024-50332 | High | 8.8 | 2024-11-05 | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Insufficient input value validation causes Blind SQL… |
| CVE-2024-49772 | High | 8.8 | 2024-11-05 | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In SuiteCRM versions 7.14.4, poor input validation al… |
| CVE-2024-36418 | High | 8.6 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in connectors allow… |
| CVE-2024-36416 | High | 8.6 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no… |
| CVE-2015-5948 | High | 8.1 | 2017-09-06 | Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. NOTE: this vulnerability exists because of an incomplete fix for CV… |
| CVE-2015-5947 | High | 8.1 | 2017-09-06 | SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. |
| CVE-2021-25960 | High | 8.0 | 2021-09-29 | In “SuiteCRM” application, v7.11.18 through v7.11.19 and v7.10.29 through v7.10.31 are affected by “CSV Injection” vulnerability (Formula Injection). A low pri… |
| CVE-2021-25961 | High | 8.0 | 2021-09-29 | In “SuiteCRM” application, v7.1.7 through v7.10.31 and v7.11-beta through v7.11.20 fail to properly invalidate password reset links that are associated with a d… |
| CVE-2024-45392 | High | 7.7 | 2024-09-05 | SuiteCRM is an open-source customer relationship management (CRM) system. Prior to version 7.14.5 and 8.6.2, insufficient access control checks allow a threat… |
| CVE-2024-36414 | High | 7.7 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in the connectors f… |
| CVE-2024-49774 | High | 7.2 | 2024-11-05 | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM relies on the blacklist of functions/methods… |
| CVE-2024-50333 | Medium | 6.6 | 2024-11-05 | SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. User input is not validated and is written to the fil… |
| CVE-2024-36417 | Medium | 5.7 | 2024-06-10 | SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, an unverified IFrame can be added s… |