Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the file function by a Regular user.
Remediation
References
Related Vulnerabilities
MySQL Other Vulnerability (CVE-2005-0799)
Oracle HTTP Server Other Vulnerability (CVE-2004-1877)
Oracle JRE CVE-2019-2978 Vulnerability (CVE-2019-2978)
WordPress Plugin Video Conferencing with Zoom Cross-Site Scripting (4.0.9)
phpMyFAQ Improper Restriction of Excessive Authentication Attempts Vulnerability (CVE-2017-11187)