Vulnerabilities > Sugarcrm > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-07 | CVE-2019-17301 | Code Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user. | 7.2 |
| 2019-10-07 | CVE-2019-17300 | Code Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by a Developer user. | 8.8 |
| 2019-10-07 | CVE-2019-17299 | Code Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user. | 7.2 |
| 2019-10-07 | CVE-2019-17298 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Administration module by a Developer user. | 8.8 |
| 2019-10-07 | CVE-2019-17297 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Quotes module by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17296 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17295 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17294 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17293 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Project module by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17292 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user. | 7.2 |