Vulnerabilities > Sugarcrm > Sugarcrm
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-01-10 | CVE-2004-1225 | Input Validation vulnerability in SugarCRM SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality. | 10.0 |
2005-01-01 | CVE-2005-0266 | Cross-Site Scripting vulnerability in SugarCRM Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the (1) return_module, (2) return_action, (3) name, (4) module, or (5) record parameter. network sugarcrm | 4.3 |