- 34,599
- 0
- 18 Дек 2022
- EDB-ID
- 24768
- Проверка EDB
-
- Пройдено
- Автор
- GULFTECH SECURITY
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2004-1225
- Дата публикации
- 2004-11-23
SugarCRM 1.x/2.0 Module - 'record' SQL Injection
Код:
source: https://www.securityfocus.com/bid/11740/info
SugarCRM is reported prone to multiple vulnerabilites arising from insufficient sanitization of user-supplied input. These issues can a remote attacker to carry out cross-site scripting, HTML injection, SQL injection and directory traversal attacks.
index.php?action=DetailView&module=Accounts&record=[SQL]- Источник
- www.exploit-db.com
