Total
64 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-20816 | 1 Salesagility | 1 Suitecrm | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the "add dashboard pages" feature where users can receive a malicious attack through a phished URL, with script executed. | |||||
CVE-2018-15606 | 1 Salesagility | 1 Suitecrm | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message. | |||||
CVE-2015-5947 | 1 Salesagility | 1 Suitecrm | 2023-12-10 | 6.8 MEDIUM | 8.1 HIGH |
SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. | |||||
CVE-2015-5948 | 1 Salesagility | 1 Suitecrm | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5947. |