Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.
Remediation
References
Related Vulnerabilities
WordPress Plugin Calendar Unspecified Vulnerability (1.3.10)
WordPress Plugin MP3-jPlayer Local File Disclosure (2.3)
Oracle JRE CVE-2014-0448 Vulnerability (CVE-2014-0448)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4382)
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2011-3348)