Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection in the Administration module by an Admin user.
Remediation
References
Related Vulnerabilities
WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.10)
ownCloud Improper Authentication Vulnerability (CVE-2014-2047)
WordPress Plugin WP Unique Article Header Image Cross-Site Request Forgery (1.0)
WordPress Plugin VikBooking Hotel Booking Engine & PMS Multiple Vulnerabilities (1.5.3)
WordPress Plugin WordPress Popular Posts Cross-Site Scripting (5.3.3)