Vulnerabilities > Sugarcrm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-07 | CVE-2019-17298 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Administration module by a Developer user. | 8.8 |
| 2019-10-07 | CVE-2019-17297 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Quotes module by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17296 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17295 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17294 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17293 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Project module by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17292 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user. | 7.2 |
| 2019-10-07 | CVE-2019-17319 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17318 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17317 | Unspecified vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the UpgradeWizard module by an Admin user. | 7.2 |