Vulnerabilities in salesagility
40 resultsCVE-2023-1034MEDIUMPath Traversal: '\..\filename' in salesagility/suitecrmEPSS 28.1%CVE-2024-36412CRITICALSuiteCRM unauthenticated SQL InjectionEPSS 5.7%CVE-2023-47643LOWSuiteCRM has Unauthenticated Graphql Introspection EnabledEPSS 3.0%CVE-2024-36416HIGHSuiteCRM v4 API Excessive log data DOSEPSS 2.0%CVE-2023-5350MEDIUMSQL Injection in salesagility/suitecrmEPSS 1.9%CVE-2021-25960HIGHSuiteCRM - CSV Injection in Accounts ModuleEPSS 1.2%CVE-2023-6131HIGHCode Injection in salesagility/suitecrmEPSS 1.0%CVE-2023-6130HIGHPath Traversal: '\..\filename' in salesagility/suitecrmEPSS 1.0%CVE-2021-25961HIGHSuiteCRM - Account Takeover in Password Reset FunctionalityEPSS 0.9%CVE-2024-36415CRITICALSuiteCRM Improper Control of Filename for Include Statement in PHP and Unrestricted Upload of File with Dangerous content leads to authenticated remote code executionEPSS 0.9%CVE-2023-6125MEDIUMCode Injection in salesagility/suitecrmEPSS 0.8%CVE-2024-36418HIGHSuiteCRM authenticated RCE using connectorsEPSS 0.8%CVE-2022-0754HIGHSQL Injection in salesagility/suitecrmEPSS 0.8%CVE-2023-6126MEDIUMCode Injection in salesagility/suitecrmEPSS 0.7%CVE-2022-0755HIGHMissing Authorization in salesagility/suitecrmEPSS 0.7%CVE-2022-0756MEDIUMMissing Authorization in salesagility/suitecrmEPSS 0.6%CVE-2023-6128MEDIUMCross-site Scripting (XSS) - Reflected in salesagility/suitecrmEPSS 0.6%CVE-2023-5353HIGHImproper Access Control in salesagility/suitecrmEPSS 0.6%CVE-2023-3293HIGHCross-site Scripting (XSS) - Stored in salesagility/suitecrm-coreEPSS 0.5%CVE-2023-6124MEDIUMServer-Side Request Forgery (SSRF) in salesagility/suitecrmEPSS 0.5%