Known Vulnerabilities for products from Salesagility
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Salesagility".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs; each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-6131 | | 8.8 - HIGH | 2023-11-14 | 2023-11-17 |
| CVE-2023-6130 | | 8.8 - HIGH | 2023-11-14 | 2023-11-17 |
| CVE-2023-6128 | | 5.4 - MEDIUM | 2023-11-14 | 2023-11-17 |
| CVE-2023-6127 | | 5.4 - MEDIUM | 2023-11-14 | 2023-11-17 |
| CVE-2023-6126 | | 9.8 - CRITICAL | 2023-11-14 | 2023-11-17 |
| CVE-2023-6125 | | 8.8 - HIGH | 2023-11-14 | 2023-11-17 |
| CVE-2023-6124 | | 4.3 - MEDIUM | 2023-11-14 | 2023-11-17 |
| CVE-2023-5353 | Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1. | 6.5 - MEDIUM | 2023-10-03 | 2023-10-05 |
| CVE-2023-5351 | Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm prior to 7.14.1. | 5.4 - MEDIUM | 2023-10-03 | 2023-10-04 |
| CVE-2023-5350 | SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1. | 9.1 - CRITICAL | 2023-10-03 | 2023-10-04 |
| CVE-2023-3627 | Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/suitecrm-core prior to 8.3.1. | 8.8 - HIGH | 2023-07-11 | 2023-07-18 |
| CVE-2023-3293 | Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0. | 4.8 - MEDIUM | 2023-06-16 | 2023-06-22 |
| CVE-2023-1034 | Path Traversal: '\..\filename' in GitHub repository salesagility/suitecrm prior to 7.12.9. | 8.8 - HIGH | 2023-02-25 | 2023-03-06 |
| CVE-2022-27474 | SuiteCRM v7.11.23 was discovered to allow remote code execution via a crafted payload injected into the FirstName text field. | 7.2 - HIGH | 2022-04-15 | 2022-04-22 |
| CVE-2022-23940 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-03-10 | 2022-03-16 |
| CVE-2022-0756 | Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. | 6.5 - MEDIUM | 2022-03-07 | 2023-06-29 |
| CVE-2022-0755 | Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. | 4.3 - MEDIUM | 2022-03-07 | 2023-06-29 |
| CVE-2022-0754 | SQL Injection in GitHub repository salesagility/suitecrm prior to 7.12.5. | 6.5 - MEDIUM | 2022-03-07 | 2022-03-11 |
| CVE-2021-45903 | A persistent cross-site scripting (XSS) issue in the web interface of SuiteCRM before 7.10.35, and 7.11.x and 7.12.x before 7... | 6.1 - MEDIUM | 2021-12-28 | 2022-01-06 |
| CVE-2021-45899 | SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote code execution. | 9.8 - CRITICAL | 2022-01-28 | 2022-02-02 |