Description

SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality.

Remediation

References

CVE-2004-1225

Related Vulnerabilities

WordPress Plugin NextGEN Gallery-WordPress Gallery Local File Inclusion (2.1.56)

OpenSSL Numeric Errors Vulnerability (CVE-2015-1794)

WordPress Plugin Post Connector Cross-Site Scripting (1.0.3)

Moodle Improper Authentication Vulnerability (CVE-2014-3552)

WordPress Plugin WP Athletics SQL Injection (1.1.7)

Severity

Critical

Classification

CVE-2004-1225

Tags

Missing Update Known Vulnerabilities