Description
SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal in the attachment function by a Regular user.
Remediation
References
Related Vulnerabilities
WordPress Plugin DSGVO All in one for WP Cross-Site Scripting (3.9)
MySQL CVE-2015-4861 Vulnerability (CVE-2015-4861)
WordPress Plugin Theme Editor Multiple Vulnerabilities (2.1)
WordPress Plugin Product Catalog PHP Object Injection (4.2.25)
TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-31046)