Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.
Remediation
References
Related Vulnerabilities
WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.12)
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Scripting (2.3.0)
OpenSSL Improper Input Validation Vulnerability (CVE-2008-5077)
PHP Other Vulnerability (CVE-2007-1380)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-3455)