Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SuiteCRM < 7.12.6 Type Confusion via 'deleteAttachment' Functionality
Vulnerability Description
SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of the ‘module’ parameter within the ‘deleteAttachment’ functionality. Successful exploitation allows remote unauthenticated attackers to alter database objects including changing the email address of the administrator.
CVSS Information
N/A
Vulnerability Type
使用不兼容类型访问资源(类型混淆)
Vulnerability Title
SuiteCRM 安全漏洞
Vulnerability Description
SuiteCRM是SuiteCRM团队的一个客户关系管理系统。 SuiteCRM 7.12.6之前版本存在安全漏洞,该漏洞源于处理deleteAttachment功能中的module参数时存在类型混淆,可能导致未经验证的远程攻击者更改数据库对象。
CVSS Information
N/A
Vulnerability Type
N/A