Vulnerabilities > Salesagility > Suitecrm > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-10 | CVE-2024-36417 | Cross-site Scripting vulnerability in Salesagility Suitecrm SuiteCRM is an open-source Customer Relationship Management (CRM) software application. | 9.0 |
| 2024-06-10 | CVE-2024-36412 | SQL Injection vulnerability in Salesagility Suitecrm SuiteCRM is an open-source Customer Relationship Management (CRM) software application. | 9.8 |
| 2023-11-14 | CVE-2023-6126 | Code Injection vulnerability in Salesagility Suitecrm Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2. | 9.8 |
| 2023-10-03 | CVE-2023-5350 | SQL Injection vulnerability in Salesagility Suitecrm SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1. | 9.1 |
| 2021-10-22 | CVE-2021-42840 | Unrestricted Upload of File with Dangerous Type vulnerability in Salesagility Suitecrm SuiteCRM before 7.11.19 allows remote code execution via the system settings Log File Name setting. | 9.0 |
| 2020-11-06 | CVE-2020-28328 | Unrestricted Upload of File with Dangerous Type vulnerability in Salesagility Suitecrm SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. | 9.0 |
| 2017-09-06 | CVE-2015-5948 | Race Condition vulnerability in Salesagility Suitecrm Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. | 9.3 |