4.0.beta

DATE	CVE	VULNERABILITY TITLE	RISK
2006-09-29	CVE-2006-5082	Arbitrary Command Execution vulnerability in Sugar Suite Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before 4.2.1 Patch C (20060917) has unspecified impact, related to code execution, and unspecified attack vectors. network low complexity sugarcrm	7.5
2005-12-08	CVE-2005-4087	Remote and Local File Include vulnerability in Sugarcrm Sugar Suite 3.5/4.0Beta PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter. network low complexity sugarcrm	7.5
2005-12-08	CVE-2005-4086	Remote and Local File Include vulnerability in Sugarcrm Sugar Suite 3.5/4.0Beta Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter. network low complexity sugarcrm	5.0