Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The install scripts in SugarCRM Sugar Sales 2.0.1c and earlier are not removed after installation, which allows attackers to obtain the MySQL administrative password in cleartext from an installation form, or to cause a denial of service by changing database settings to the default.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SugarCRM SugarSales 信息泄露漏洞
Vulnerability Description
SugarCRM是一套基于Web的客户关系管理系统。 Sugar Sales 2.0.1c及之前版本存在信息泄露漏洞。 由于在安装完成后没有移除安装脚本,攻击者可以获得明文的MySQL管理密码或者恢复数据库默认值引起拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A