Vulnerabilities > Salesagility

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-06	CVE-2019-18784	SQL Injection vulnerability in Salesagility Suitecrm SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to 7.11.9 allow SQL Injection. network low complexity salesagility CWE-89 critical	9.8
2019-10-02	CVE-2019-14454	Unspecified vulnerability in Salesagility Suitecrm SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to vertical privilege escalation. network low complexity salesagility critical	9.8
2019-10-02	CVE-2019-13335	Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF. network low complexity salesagility CWE-918 critical	9.8
2019-09-30	CVE-2019-14752	Cross-site Scripting vulnerability in Salesagility Suitecrm SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS. network low complexity salesagility CWE-79	6.1
2019-09-27	CVE-2019-16922	Unspecified vulnerability in Salesagility Suitecrm SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows unintended public exposure of files. network low complexity salesagility	5.3
2019-06-07	CVE-2019-12601	SQL Injection vulnerability in Salesagility Suitecrm SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 3 of 3). network low complexity salesagility CWE-89 critical	9.8
2019-06-07	CVE-2019-12600	SQL Injection vulnerability in Salesagility Suitecrm SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 2 of 3). network low complexity salesagility CWE-89 critical	9.8
2019-06-07	CVE-2019-12599	SQL Injection vulnerability in Salesagility Suitecrm SuiteCRM 7.10.x before 7.10.17 and 7.11.x before 7.11.5 allows SQL Injection. network low complexity salesagility CWE-89 critical	9.8
2019-06-07	CVE-2019-12598	SQL Injection vulnerability in Salesagility Suitecrm SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 1 of 3). network low complexity salesagility CWE-89 critical	9.8
2019-04-05	CVE-2018-20816	Cross-site Scripting vulnerability in Salesagility Suitecrm An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. network low complexity salesagility CWE-79	6.1

Vulnerabilities > Salesagility {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Salesagility"}]}

Vulnerabilities > Salesagility