Vulnerabilidades en Suitecrm
35 resultadosCVE-2026-33289HIGHSuiterCRM has LDAP Filter Injection in Authentication ModuleEPSS 0.7%CVE-2022-50589CRITICALSuiteCRM < 7.12.6 SQL Injection via 'export' FunctionalityEPSS 0.6%CVE-2026-29103CRITICALSuiteCRM Vulnerable to Remote Code Execution via Module Loader Package Scanner BypassEPSS 0.5%CVE-2026-29102HIGHSuiteCRM has Authenticated RCE in ModulesEPSS 0.5%CVE-2026-29109HIGHSuiteCRM Authenticated Remote Code Execution via Unsafe Deserialization in SavedSearch Filter ProcessingEPSS 0.5%CVE-2026-29101MEDIUMSuiteCRM Vulnerable to Directory Traversal to DoS in ModulesEPSS 0.5%CVE-2026-33288HIGHSuiteCRM has Authenticated SQL Injection in Authentication ModuleEPSS 0.4%CVE-2025-54788HIGHSuiteCRM: Authenticated Blind SQL Injection in InboundEmail moduleEPSS 0.4%CVE-2025-64488HIGHSuiteCRM: Authenticated SQL Injection Possible in Reschedule Call ModuleEPSS 0.4%CVE-2025-54785HIGHSuiteCRM is Vulnerable to PHP Object Injection in ReportsEPSS 0.3%CVE-2019-25663HIGHSuiteCRM 7.10.7 SQL Injection via parentTab ParameterEPSS 0.3%CVE-2019-25664HIGHSuiteCRM 7.10.7 SQL Injection via record ParameterEPSS 0.3%CVE-2026-29098MEDIUMSuiteCRM has Relative Path Traversal via ModuleBuilder Modules ExportCustom ActionEPSS 0.3%CVE-2026-29189HIGHSuiteCRM has a REST API V8 IDOR: Missing ACL Checks on User Preferences and Relationship EndpointsEPSS 0.3%CVE-2022-50590HIGHSuiteCRM < 7.12.6 Type Confusion via 'deleteAttachment' FunctionalityEPSS 0.3%CVE-2026-29096HIGHSuiteCRM vulnerable to Authenticated SQL Injection via unsanitized field_function in Report FieldsEPSS 0.3%CVE-2026-29108MEDIUMAuthenticated SuiteCRM Users Can Retrieve The Password Hash of Any UserEPSS 0.3%CVE-2025-64492HIGHSuiteCRM is Vulnerable to Authenticated Time Based Blind SQL InjectionEPSS 0.3%CVE-2026-29097HIGHSuiteCRM Server-Side Request Forgery and Denial of Service via RSS Feed DashletEPSS 0.3%CVE-2025-64489HIGHSuiteCRM: Privilege Escalation via Improper Session Invalidation and Inactive User BypassEPSS 0.3%