Vulnerabilities > Salesagility > Suitecrm > 7.10.21

DATE CVE VULNERABILITY TITLE RISK
2020-02-13 CVE-2020-8803 Path Traversal vulnerability in Salesagility Suitecrm
SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via add_to_prospect_list.
network
low complexity
salesagility CWE-22
7.5
7.5
2020-02-13 CVE-2020-8802 SQL Injection vulnerability in Salesagility Suitecrm
SuiteCRM through 7.11.11 has Incorrect Access Control via action_saveHTMLField Bean Manipulation.
network
low complexity
salesagility CWE-89
7.5
7.5
2020-02-13 CVE-2020-8801 Injection vulnerability in Salesagility Suitecrm
SuiteCRM through 7.11.11 allows PHAR Deserialization.
network
low complexity
salesagility CWE-74
6.5
6.5
2020-02-13 CVE-2020-8800 Injection vulnerability in Salesagility Suitecrm
SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.
network
low complexity
salesagility CWE-74
6.5
6.5