Vulnerabilities > Sugarcrm > Sugarcrm > 7.9.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-07 | CVE-2019-17296 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Contacts module by a Regular user. | 6.5 |
| 2019-10-07 | CVE-2019-17295 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the history function by a Regular user. | 6.5 |
| 2019-10-07 | CVE-2019-17294 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the export function by a Regular user. | 6.5 |
| 2019-10-07 | CVE-2019-17293 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Project module by a Regular user. | 6.5 |
| 2019-10-07 | CVE-2019-17292 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin user. | 6.5 |
| 2019-10-07 | CVE-2019-17319 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the Emails module by a Regular user. | 6.5 |
| 2019-10-07 | CVE-2019-17318 | SQL Injection vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user. | 6.5 |
| 2019-10-07 | CVE-2019-17317 | Unspecified vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the UpgradeWizard module by an Admin user. | 7.2 |
| 2019-10-07 | CVE-2019-17316 | Unspecified vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Import module by a Regular user. | 8.8 |
| 2019-10-07 | CVE-2019-17315 | Unspecified vulnerability in Sugarcrm SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user. | 7.2 |