Vulnerabilities > Salesagility > Suitecrm > 7.10.29

DATE CVE VULNERABILITY TITLE RISK
2020-11-06 CVE-2020-28328 Unrestricted Upload of File with Dangerous Type vulnerability in Salesagility Suitecrm
SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting.
network
low complexity
salesagility CWE-434
critical
 9.0
9.0
2020-02-13 CVE-2020-8801 Injection vulnerability in Salesagility Suitecrm
SuiteCRM through 7.11.11 allows PHAR Deserialization.
network
low complexity
salesagility CWE-74
6.5
6.5