Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the attachment function by a Regular user.
Remediation
References
Related Vulnerabilities
WordPress Plugin Product Addons & Fields for WooCommerce Arbitrary File Upload (1.1)
WordPress Plugin Responsive WordPress Slider-Avartan Slider Lite Cross-Site Scripting (1.4)
WordPress Plugin Mailing List 'dl.php' Arbitrary File Download (1.4.1)
MySQL CVE-2021-2016 Vulnerability (CVE-2021-2016)
WordPress Plugin Gravity Forms Advanced File Uploader Unspecified Vulnerability (1.18)