Vulnerabilities > Salesagility > Suitecrm > 8.0

DATE CVE VULNERABILITY TITLE RISK
2024-06-10 CVE-2024-36419 Open Redirect vulnerability in Salesagility Suitecrm
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
network
low complexity
salesagility CWE-601
6.1
6.1
2023-07-11 CVE-2023-3627 Cross-Site Request Forgery (CSRF) vulnerability in Salesagility Suitecrm
Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/suitecrm-core prior to 8.3.1.
network
low complexity
salesagility CWE-352
8.8
8.8
2022-03-10 CVE-2022-23940 Deserialization of Untrusted Data vulnerability in Salesagility Suitecrm
SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution.
network
low complexity
salesagility CWE-502
8.8
8.8
2022-01-28 CVE-2021-45897 Unspecified vulnerability in Salesagility Suitecrm
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows remote code execution.
network
low complexity
salesagility
8.8
8.8
2022-01-28 CVE-2021-45898 Unspecified vulnerability in Salesagility Suitecrm
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows local file inclusion.
network
low complexity
salesagility
critical
 9.8
9.8
2022-01-28 CVE-2021-45899 Deserialization of Untrusted Data vulnerability in Salesagility Suitecrm
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote code execution.
network
low complexity
salesagility CWE-502
critical
 9.8
9.8
2021-12-19 CVE-2021-45041 SQL Injection vulnerability in Salesagility Suitecrm
SuiteCRM before 7.12.2 and 8.x before 8.0.1 allows authenticated SQL injection via the Tooltips action in the Project module, involving resource_id and start_date.
network
low complexity
salesagility CWE-89
8.8
8.8