Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the ModuleBuilder module by an Admin user.
Remediation
References
Related Vulnerabilities
WordPress Plugin Image Gallery-Responsive Photo Gallery SQL Injection (1.8.9)
Oracle JRE CVE-2013-5806 Vulnerability (CVE-2013-5806)
MySQL CVE-2012-0493 Vulnerability (CVE-2012-0493)
WordPress Plugin YAS Slideshow Arbitrary File Upload (3.4)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2935)