Vulnerability List
Found 75 results

| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2019-25664 | SuiteCRM 7.10.7 SQL Injection via record Parameter | Suitecrm | SuiteCRM | High | 7.1 | 2026-04-05 20:45:19 |
| CVE-2019-25663 | SuiteCRM 7.10.7 SQL Injection via parentTab Parameter | Suitecrm | SuiteCRM | High | 7.1 | 2026-04-05 20:45:18 |
| CVE-2026-32697 | SuiteCRM: RecordHandler::getRecord() missing ACLAccess('view') check allows any authenticated user to read any record (IDOR) | SuiteCRM | SuiteCRM-Core | Medium | 6.5 | 2026-03-19 23:13:08 |
| CVE-2026-29109 | SuiteCRM Authenticated Remote Code Execution via Unsafe Deserialization in SavedSearch Filter Processing | SuiteCRM | SuiteCRM-Core | Medium | - | 2026-03-19 23:12:12 |
| CVE-2026-29108 | Authenticated SuiteCRM Users Can Retrieve The Password Hash of Any User | SuiteCRM | SuiteCRM-Core | Medium | 6.5 | 2026-03-19 23:11:00 |
| CVE-2026-33289 | SuiteCRM has LDAP Filter Injection in Authentication Module | SuiteCRM | SuiteCRM | High | 8.8 | 2026-03-19 23:09:07 |
| CVE-2026-33288 | SuiteCRM has Authenticated SQL Injection in Authentication Module | SuiteCRM | SuiteCRM | High | 8.8 | 2026-03-19 23:08:11 |
| CVE-2026-29189 | SuiteCRM has a REST API V8 IDOR: Missing ACL Checks on User Preferences and Relationship Endpoints | SuiteCRM | SuiteCRM | High | 8.1 | 2026-03-19 23:05:17 |
| CVE-2026-29107 | SuiteCRM vulnerable to authenticated SSRF via PDF export | SuiteCRM | SuiteCRM | Medium | 5.0 | 2026-03-19 23:04:12 |
| CVE-2026-29106 | SuiteCRM has blind XSS in return_id parameter | SuiteCRM | SuiteCRM | Medium | 5.9 | 2026-03-19 23:02:20 |
| CVE-2026-29105 | SuiteCRM has Unauthenticated Open Redirect in Leads WebToLead Capture | SuiteCRM | SuiteCRM | Medium | 5.4 | 2026-03-19 22:58:49 |
| CVE-2026-29104 | SuiteCRM Vulnerable to Authenticated Arbitrary File Upload via Configurator addfontresult View in SuiteCRM | SuiteCRM | SuiteCRM | Low | 2.7 | 2026-03-19 22:55:52 |
| CVE-2026-29103 | SuiteCRM Vulnerable to Remote Code Execution via Module Loader Package Scanner Bypass | SuiteCRM | SuiteCRM | Critical | 9.1 | 2026-03-19 22:54:35 |
| CVE-2026-29102 | SuiteCRM has Authenticated RCE in Modules | SuiteCRM | SuiteCRM | High | 7.2 | 2026-03-19 22:53:10 |
| CVE-2026-29101 | SuiteCRM Vulnerable to Directory Traversal to DoS in Modules | SuiteCRM | SuiteCRM | Medium | 4.9 | 2026-03-19 22:51:48 |
| CVE-2026-29100 | SuiteCRM has Reflected HTML Injection in Login Page via default_user_name Parameter | SuiteCRM | SuiteCRM | High | 7.1 | 2026-03-19 22:48:50 |
| CVE-2026-29099 | SuiteCRM has Authenticated Blind SQL Injection in OutboundEmail Legacy Functionality. | SuiteCRM | SuiteCRM | High | 8.8 | 2026-03-19 22:46:56 |
| CVE-2026-29098 | SuiteCRM has Relative Path Traversal via ModuleBuilder Modules ExportCustom Action | SuiteCRM | SuiteCRM | Medium | 4.9 | 2026-03-19 22:43:59 |
| CVE-2026-29097 | SuiteCRM Server-Side Request Forgery and Denial of Service via RSS Feed Dashlet | SuiteCRM | SuiteCRM | Medium | - | 2026-03-19 22:39:04 |
| CVE-2026-29096 | SuiteCRM vulnerable to Authenticated SQL Injection via unsanitized field_function in Report Fields | SuiteCRM | SuiteCRM | High | 8.1 | 2026-03-19 22:37:51 |