VYPR
Vendor

Sagecrm

Products
1
CVEs
2
Across products
2
Status
Private

Products

1

Recent CVEs

2
  • CVE-2017-5219CriFeb 2, 2017
    risk 0.64cvss 9.8epss 0.03

    An issue was discovered in SageCRM 7.x before 7.3 SP3. The Component Manager functionality, provided by SageCRM, permits additional components to be added to the application to enhance provided functionality. This functionality allows a zip file to be uploaded, containing a…

  • CVE-2017-5218HigFeb 2, 2017
    risk 0.57cvss 8.8epss 0.01

    A SQL Injection issue was discovered in SageCRM 7.x before 7.3 SP3. The AP_DocumentUI.asp web resource includes Utilityfuncs.js when the file is opened or viewed. This file crafts a SQL statement to identify the database that is to be in use with the current user's session. The…