WEB APPLICATION VULNERABILITIES Standard & Premium

SugarCRM Improperly Controlled Modification of Dynamically-Determined Object Attributes Vulnerability (CVE-2019-17315)

Description

SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.

Remediation

References

Related Vulnerabilities

Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2212)

Drupal Other Vulnerability (CVE-2006-1226)

MySQL CVE-2020-14760 Vulnerability (CVE-2020-14760)

WordPress Plugin Doneren met Mollie Information Disclosure (2.8.4)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.6)

Severity

High

Classification

CVE-2019-17315 CWE-915 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities