Описание
Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sugarcrm:sugar_suite:3.5:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugar_suite:4.0_beta:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.12556
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
около 20 лет назад
Directory traversal vulnerability in acceptDecline.php in Sugar Suite ...
github
почти 4 года назад
Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter.
EPSS
Процентиль: 94%
0.12556
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other