Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Administration module by an Admin user.
Remediation
References
Related Vulnerabilities
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4382)
Apache HTTP Server Improper Input Validation Vulnerability (CVE-2024-42516)
WordPress Plugin Multisite Global Search 'mssearch' Parameter Cross-Site Scripting (1.2.5)
WordPress 5.2.x Directory Traversal (5.2 - 5.2.20)
MODX Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-8773)