📦 Sugarcrm

SugarCRM has an unrestricted file upload vulnerability in the Notes module that allows authenticated users to upload malicious PHP files. This affects SugarCRM 12 before 12.0.4 and 13 before 13.0.2, e...

This CVE describes a Bean Manipulation vulnerability in SugarCRM's REST API that allows authenticated users to inject custom PHP code through crafted requests due to missing input validation. It affec...

This vulnerability allows authenticated users to execute arbitrary SQL code through the REST API due to missing input validation. It affects SugarCRM Enterprise versions before 11.0.6 and 12.x before ...