CVE-2018-6308

CVE-2018-6308

Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and below via the track parameter to modulesCampaignsTracker.php and modulesCampaignsutils.php, the default_currency_name parameter to modulesConfiguratorcontroller.php and modulesCurrenciesCurrency.php, the duplicate parameter to modulesContactsShowDuplicates.php, the mergecur parameter to modulesCurrenciesindex.php and modulesOpportunitiesOpportunity.php, and the load_signed_id parameter to modulesDocumentsDocument.php.

Source: CVE-2018-6308

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다