High severity7.1NVD Advisory· Published Apr 5, 2026· Updated Apr 20, 2026
CVE-2019-25663
CVE-2019-25663
Description
SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the parentTab parameter. Attackers can send GET requests to the email module with malicious parentTab values using boolean-based SQL injection techniques to extract sensitive database information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- www.exploit-db.com/exploits/46310nvdExploitThird Party AdvisoryVDB Entry
- www.vulncheck.com/advisories/suitecrm-sql-injection-via-parenttab-parameternvdThird Party Advisory
- suitecrm.comnvdProduct
- suitecrm.com/download/nvdProduct
News mentions
0No linked articles in our index yet.