Vulnerabilities > Salesagility

DATE CVE VULNERABILITY TITLE RISK
2024-02-07 CVE-2023-6388 Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm 7.14.2
Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server.
network
low complexity
salesagility CWE-918
5.0
2023-11-21 CVE-2023-47643 Unspecified vulnerability in Salesagility Suitecrm 8.4.1
SuiteCRM is a Customer Relationship Management (CRM) software application.
network
low complexity
salesagility
5.3
2023-11-14 CVE-2023-6130 Path Traversal: '..filename' vulnerability in Salesagility Suitecrm
Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-29
8.8
2023-11-14 CVE-2023-6131 Code Injection vulnerability in Salesagility Suitecrm
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-94
8.8
2023-11-14 CVE-2023-6125 Code Injection vulnerability in Salesagility Suitecrm
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-94
8.8
2023-11-14 CVE-2023-6126 Code Injection vulnerability in Salesagility Suitecrm
Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-94
critical
9.8
2023-11-14 CVE-2023-6127 Unrestricted Upload of File with Dangerous Type vulnerability in Salesagility Suitecrm
Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-434
5.4
2023-11-14 CVE-2023-6128 Cross-site Scripting vulnerability in Salesagility Suitecrm
Cross-site Scripting (XSS) - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-79
5.4
2023-11-14 CVE-2023-6124 Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm
Server-Side Request Forgery (SSRF) in GitHub repository salesagility/suitecrm prior to 7.14.2, 8.4.2, 7.12.14.
network
low complexity
salesagility CWE-918
4.3
2023-10-03 CVE-2023-5353 Unspecified vulnerability in Salesagility Suitecrm
Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1.
network
low complexity
salesagility
6.5