Description
SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1834)
Claroline Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2006-4844)
WordPress Plugin WordPoints Multiple Vulnerabilities (1.10.2)
Liferay DXP Incorrect Authorization Vulnerability (CVE-2025-62243)