Sugarcrm

sugarcrm

Vendor: Sugarcrm • 63 CVEs

CVEs (63)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2004-1226 1Sugarcrm 1Sugarcrm Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to gain sensitive information via certain requests to scripts that contain invalid input, which reveals the path in an error message, as demonstrated using...Show more SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to gain sensitive information via certain requests to scripts that contain invalid input, which reveals the path in an error message, as demonstrated using phprint.php with an empty module parameter.Show less
CVE-2004-1225 1Sugarcrm 1Sugarcrm Apr 16, 2026 Jan 10, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record par...Show more SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality.Show less
CVE-2005-0266 1Sugarcrm 1Sugarcrm Apr 16, 2026 Jan 1, 2005 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the (1) return_module, (2) return_action, (3) name, (4) module, or (5) record param...Show more Cross-site scripting (XSS) vulnerability in index.php in SugarCRM 1.X allows remote attackers to inject arbitrary web script or HTML via the (1) return_module, (2) return_action, (3) name, (4) module, or (5) record parameter.Show less

Previous 1 2 34