Unrated severityNVD Advisory· Published Jan 10, 2005· Updated Apr 16, 2026
CVE-2004-1225
CVE-2004-1225
Description
SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality.
Affected products
13cpe:2.3:a:sugarcrm:sugarcrm:1.0:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:sugarcrm:sugarcrm:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:1.0f:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:1.0g:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:1.1a:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:1.1b:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:1.1c:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:1.1d:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:1.1e:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:1.1f:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:1.5d:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:sugarcrm:sugarcrm:2.0.1a:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- www.securityfocus.com/bid/11740nvdExploitVendor Advisory
- marc.infonvd
- www.gulftech.orgnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/18325nvd
News mentions
0No linked articles in our index yet.