Description
SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality.
Remediation
References
Related Vulnerabilities
WordPress Plugin dsSearchAgent:WordPress Edition Cross-Site Scripting (1.0-beta10)
Django Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-0696)
WordPress Plugin Import and export users and customers Multiple Vulnerabilities (1.9.4.6)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4554)