salesagility — Vulnerabilities & Security Advisories 40

Browse all 40 CVE security advisories affecting salesagility. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2024-50335 | Authenticated XSS in "Publish Key" Field Allowing Unauthorized Administrator User Creation in SuiteCRM | SuiteCRM | CWE-79 | 4.9 | Medium | 2024-11-05 |
| CVE-2024-50333 | RCE in ModuleBuilder in SuiteCRM | SuiteCRM | CWE-20 | 6.6 | Medium | 2024-11-05 |
| CVE-2024-50332 | Authenticated Blind SQL Injection in DeleteRelationShip in SuiteCRM | SuiteCRM | CWE-89 | 8.8 | High | 2024-11-05 |
| CVE-2024-49774 | ModuleScanner flaws in SuiteCRM | SuiteCRM | CWE-20 | 7.2 | High | 2024-11-05 |
| CVE-2024-49773 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SuiteCRM | SuiteCRM | CWE-89 | 5.3 | Medium | 2024-11-05 |
| CVE-2024-49772 | Authenticated SQL injection in AM_ProjectTemplates controller in SuiteCRM | SuiteCRM | CWE-89 | 8.8 | High | 2024-11-05 |
| CVE-2024-45392 | SuiteCRM has wrong deletion permission checks on API delete call | SuiteCRM | CWE-284 | 7.7 | High | 2024-09-05 |
| CVE-2024-36419 | SuiteCRM-Core Host Header Injection in /legacy | SuiteCRM-Core | CWE-601 | 4.3 | Medium | 2024-06-10 |
| CVE-2024-36418 | SuiteCRM authenticated RCE using connectors | SuiteCRM | CWE-22 | 8.6 | High | 2024-06-10 |
| CVE-2024-36416 | SuiteCRM v4 API Excessive log data DOS | SuiteCRM | CWE-779 | 8.6 | High | 2024-06-10 |
| CVE-2024-36417 | SuiteCRM Stored XSS Vulnerability Allows Code Execution via Malicious iFrame | SuiteCRM | CWE-79 | 5.7 | Medium | 2024-06-10 |
| CVE-2024-36415 | SuiteCRM Improper Control of Filename for Include Statement in PHP and Unrestricted Upload of File with Dangerous content leads to authenticated remote code execution | SuiteCRM | CWE-98 | 9.1 | Critical | 2024-06-10 |
| CVE-2024-36414 | SuiteCRM authenticated Server-Side Request Forgery | SuiteCRM | CWE-918 | 7.7 | High | 2024-06-10 |
| CVE-2024-36413 | SuiteCRM authenticated Reflected Cross-Site Scripting | SuiteCRM | CWE-79 | 8.9 | High | 2024-06-10 |
| CVE-2024-36412 | SuiteCRM unauthenticated SQL Injection | SuiteCRM | CWE-89 | 10.0 | Critical | 2024-06-10 |
| CVE-2024-36411 | SuiteCRM authenticated SQL Injection in EmailUIAjax displayView controller | SuiteCRM | CWE-89 | 9.6 | Critical | 2024-06-10 |
| CVE-2024-36410 | SuiteCRM authenticated SQL Injection in EmailUIAjax messages count controller | SuiteCRM | CWE-89 | 9.6 | Critical | 2024-06-10 |
| CVE-2024-36409 | SuiteCRM authenticated SQL Injection in TreeData entrypoint | SuiteCRM | CWE-89 | 9.6 | Critical | 2024-06-10 |
| CVE-2024-36408 | SuiteCRM authenticated SQL Injection in Alerts | SuiteCRM | CWE-89 | 9.6 | Critical | 2024-06-10 |
| CVE-2024-36407 | SuiteCRM unauthenticated user password reset on php7 | SuiteCRM | CWE-640 | 3.7 | Low | 2024-06-10 |
| CVE-2024-36406 | SuiteCRM vulnerable to open redirects | SuiteCRM | CWE-601 | 5.4 | Medium | 2024-06-10 |
| CVE-2023-47643 | SuiteCRM has Unauthenticated Graphql Introspection Enabled | SuiteCRM-Core | CWE-200 | 3.1 | Low | 2023-11-21 |
| CVE-2023-6131 | Code Injection in salesagility/suitecrm | salesagility/suitecrm | CWE-94 | 2.7 | - | 2023-11-14 |
| CVE-2023-6130 | Path Traversal: '\..\filename' in salesagility/suitecrm | salesagility/suitecrm | CWE-29 | 8.1 | - | 2023-11-14 |
| CVE-2023-6128 | Cross-site Scripting (XSS) - Reflected in salesagility/suitecrm | salesagility/suitecrm | CWE-79 | 5.4 | - | 2023-11-14 |
| CVE-2023-6127 | Unrestricted Upload of File with Dangerous Type in salesagility/suitecrm | salesagility/suitecrm | CWE-434 | 8.8 | - | 2023-11-14 |
| CVE-2023-6126 | Code Injection in salesagility/suitecrm | salesagility/suitecrm | CWE-94 | 2.7 | - | 2023-11-14 |
| CVE-2023-6125 | Code Injection in salesagility/suitecrm | salesagility/suitecrm | CWE-94 | 2.7 | - | 2023-11-14 |
| CVE-2023-6124 | Server-Side Request Forgery (SSRF) in salesagility/suitecrm | salesagility/suitecrm | CWE-918 | 6.5 | - | 2023-11-14 |
| CVE-2023-5353 | Improper Access Control in salesagility/suitecrm | salesagility/suitecrm | CWE-284 | 5.4 | - | 2023-10-03 |

This page lists every published CVE security advisory associated with salesagility. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.