Vulnerabilities > Salesagility

DATE CVE VULNERABILITY TITLE RISK
2019-06-07 CVE-2019-12600 SQL Injection vulnerability in Salesagility Suitecrm
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 2 of 3).
network
low complexity
salesagility CWE-89
7.5
2019-06-07 CVE-2019-12599 SQL Injection vulnerability in Salesagility Suitecrm
SuiteCRM 7.10.x before 7.10.17 and 7.11.x before 7.11.5 allows SQL Injection.
network
low complexity
salesagility CWE-89
7.5
2019-06-07 CVE-2019-12598 SQL Injection vulnerability in Salesagility Suitecrm
SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection (issue 1 of 3).
network
low complexity
salesagility CWE-89
7.5
2019-04-05 CVE-2018-20816 Cross-site Scripting vulnerability in Salesagility Suitecrm
An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking.
4.3
2019-04-02 CVE-2019-6506 SQL Injection vulnerability in Salesagility Suitecrm 7.11.0
SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL Injection.
network
low complexity
salesagility CWE-89
7.5
2018-09-26 CVE-2018-15606 Cross-site Scripting vulnerability in Salesagility Suitecrm
An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message.
4.3
2017-09-06 CVE-2015-5948 Race Condition vulnerability in Salesagility Suitecrm
Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code.
network
salesagility CWE-362
critical
9.3
2017-09-06 CVE-2015-5947 Race Condition vulnerability in Salesagility Suitecrm
SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code.
6.8