SageCRM SQL Injection and Arbitrary File Upload Vulnerabilities

Bugtraq ID: 95968
Class: Input Validation Error
CVE: CVE-2017-5219
CVE-2017-5218
Remote: Yes
Local: No
Published: Feb 01 2017 12:00AM
Updated: Mar 07 2017 03:01AM
Credit: Chris McCurley
Vulnerable: Sage SageCRM 7.0e
Not Vulnerable: Sage SageCRM 7.3 SP3


 

Privacy Statement
Copyright 2010, SecurityFocus