Vulnerabilities > Salesagility > Suitecrm > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-05 CVE-2024-45392 Unspecified vulnerability in Salesagility Suitecrm
SuiteCRM is an open-source customer relationship management (CRM) system.
network
low complexity
salesagility
4.3
2024-06-10 CVE-2024-36419 Open Redirect vulnerability in Salesagility Suitecrm
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
network
low complexity
salesagility CWE-601
6.1
2024-06-10 CVE-2024-36413 Cross-site Scripting vulnerability in Salesagility Suitecrm
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
network
low complexity
salesagility CWE-79
5.4
2024-06-10 CVE-2024-36414 Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
network
low complexity
salesagility CWE-918
6.5
2024-06-10 CVE-2024-36407 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Salesagility Suitecrm
SuiteCRM is an open-source Customer Relationship Management (CRM) software application.
network
low complexity
salesagility CWE-640
6.5
2024-02-07 CVE-2023-6388 Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm 7.14.2
Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server.
network
low complexity
salesagility CWE-918
5.0
2023-11-21 CVE-2023-47643 Unspecified vulnerability in Salesagility Suitecrm 8.4.1
SuiteCRM is a Customer Relationship Management (CRM) software application.
network
low complexity
salesagility
5.3
2023-11-14 CVE-2023-6127 Unrestricted Upload of File with Dangerous Type vulnerability in Salesagility Suitecrm
Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-434
5.4
2023-11-14 CVE-2023-6128 Cross-site Scripting vulnerability in Salesagility Suitecrm
Cross-site Scripting (XSS) - Reflected in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2.
network
low complexity
salesagility CWE-79
5.4
2023-11-14 CVE-2023-6124 Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm
Server-Side Request Forgery (SSRF) in GitHub repository salesagility/suitecrm prior to 7.14.2, 8.4.2, 7.12.14.
network
low complexity
salesagility CWE-918
4.3