Описание
Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sugarcrm:sugar_suite:3.5:*:*:*:*:*:*:*
cpe:2.3:a:sugarcrm:sugar_suite:4.0_beta:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.10639
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 20 лет назад
Directory traversal vulnerability in acceptDecline.php in Sugar Suite ...
github
больше 3 лет назад
Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to include arbitrary local files via ".." sequences in the beanFiles array parameter.
EPSS
Процентиль: 93%
0.10639
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other