Suitecrm

suitecrm

Vendor: Salesagility • 105 CVEs

CVEs (105)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-20816 1Salesagility 1Suitecrm Nov 21, 2024 Apr 5, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the "add dashboard pages" featur...Show more An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the "add dashboard pages" feature where users can receive a malicious attack through a phished URL, with script executed.Show less
CVE-2019-6506 1Salesagility 1Suitecrm Nov 21, 2024 Apr 2, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL Injection.
CVE-2018-15606 1Salesagility 1Suitecrm Nov 21, 2024 Sep 26, 2018 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message.
CVE-2015-5948 1Salesagility 1Suitecrm May 13, 2026 Sep 6, 2017 N/A· v4 8.1 HIGH· v3 9.3 HIGH· v2 Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5947.
CVE-2015-5947 1Salesagility 1Suitecrm May 13, 2026 Sep 6, 2017 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code.

Previous 1 2 3 4 56