Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by a Regular user.
Remediation
References
Related Vulnerabilities
WordPress Credentials Management Errors Vulnerability (CVE-2016-5838)
WordPress Plugin BackUpWordPress Unspecified Vulnerability (3.12)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7834)
WordPress Plugin Appointment Hour Booking-WordPress Booking Cross-Site Scripting (1.1.44)
WordPress Plugin Social Share Icons & Social Share Buttons Security Bypass (3.0.2)