cbcvebase.

Salesagility Suitecrm vulnerabilities

14 known vulnerabilities affecting salesagility/salesagility_suitecrm.

Total CVEs
14
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH4MEDIUM8

Vulnerabilities

Page 1 of 1
CVE-2023-5350P2CRITICALCVSS 9.1PoC≥ unspecified, < 7.14.12023-10-03
CVE-2023-5350 [CRITICAL] CWE-89 CVE-2023-5350: SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1. SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1.
nvd
CVE-2023-1034P2HIGHCVSS 8.8≥ unspecified, < 7.12.92023-02-25
CVE-2023-1034 [HIGH] CWE-29 CVE-2023-1034: Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9. Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9.
nvd
CVE-2023-6131P3HIGHCVSS 8.8≥ unspecified, < 7.14.2, 7.12.14, 8.4.22023-11-14
CVE-2023-6131 [HIGH] CWE-94 CVE-2023-6131: Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
nvd
CVE-2023-6125P3HIGHCVSS 8.8≥ unspecified, < 7.14.2, 7.12.14, 8.4.22023-11-14
CVE-2023-6125 [HIGH] CWE-94 CVE-2023-6125: Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
nvd
CVE-2023-6126P3CRITICALCVSS 9.8≥ unspecified, < 7.14.2, 7.12.14, 8.4.22023-11-14
CVE-2023-6126 [CRITICAL] CWE-94 CVE-2023-6126: Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
nvd
CVE-2023-6130P3HIGHCVSS 8.8≥ unspecified, < 7.14.2, 7.12.14, 8.4.22023-11-14
CVE-2023-6130 [HIGH] CWE-29 CVE-2023-6130: Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
nvd
CVE-2022-0754P3MEDIUMCVSS 6.5≥ unspecified, < 7.12.52022-03-07
CVE-2022-0754 [MEDIUM] CWE-89 CVE-2022-0754: SQL Injection in GitHub repository salesagility/suitecrm prior to 7.12.5. SQL Injection in GitHub repository salesagility/suitecrm prior to 7.12.5.
nvd
CVE-2022-0756P3MEDIUMCVSS 6.5≥ unspecified, < 7.12.52022-03-07
CVE-2022-0756 [MEDIUM] CWE-862 CVE-2022-0756: Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5.
nvd
CVE-2023-5353P3MEDIUMCVSS 6.5≥ unspecified, < 7.14.12023-10-03
CVE-2023-5353 [MEDIUM] CWE-284 CVE-2023-5353: Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1. Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1.
nvd
CVE-2023-6127P4MEDIUMCVSS 5.4≥ unspecified, < 7.14.2, 7.12.14, 8.4.22023-11-14
CVE-2023-6127 [MEDIUM] CWE-434 CVE-2023-6127: Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
nvd
CVE-2023-6128P4MEDIUMCVSS 5.4≥ unspecified, < 7.14.2, 7.12.14, 8.4.22023-11-14
CVE-2023-6128 [MEDIUM] CWE-79 CVE-2023-6128: Cross-site Scripting (XSS) - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7 Cross-site Scripting (XSS) - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
nvd
CVE-2023-5351P4MEDIUMCVSS 5.4≥ unspecified, < 7.14.12023-10-03
CVE-2023-5351 [MEDIUM] CWE-79 CVE-2023-5351: Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm prior to 7.14.1. Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm prior to 7.14.1.
nvd
CVE-2022-0755P4MEDIUMCVSS 4.3≥ unspecified, < 7.12.52022-03-07
CVE-2022-0755 [MEDIUM] CWE-862 CVE-2022-0755: Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5.
nvd
CVE-2023-6124P4MEDIUMCVSS 4.3≥ unspecified, < 7.14.2, 8.4.2, 7.12.142023-11-14
CVE-2023-6124 [MEDIUM] CWE-918 CVE-2023-6124: Server-Side Request Forgery (SSRF) in GitHub repository salesagility/suitecrm prior to 7.14.2, 8.4.2 Server-Side Request Forgery (SSRF) in GitHub repository salesagility/suitecrm prior to 7.14.2, 8.4.2, 7.12.14.
nvd
Salesagility Suitecrm vulnerabilities | cvebase