CVE-2024-36412 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 Events Response Entry Point sql injection

Posted by Angelo Barbosa | Jun 10, 2024 | CVE

A vulnerability, which was classified as critical, has been found in SalesAgility SuiteCRM up to 7.14.3/8.6.0. Affected by this issue is some unknown functionality of the component Events Response Entry Point. The manipulation leads to sql injection.

This vulnerability is handled as CVE-2024-36412. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36412 | SalesAgility SuiteCRM up to 7.14.3/8.6.0 Events Response Entry Point sql injection

Related Posts

CVE-2024-6572 | Checkmk up to 2.0.0p39/2.1.0p47/2.2.0p32/2.3.0p14 Check SFTP Service key exchange without entity authentication

VDB-249634 | Microsoft Azure GitHub Action code injection

CVE-2022-49005 | Linux Kernel up to 6.0.11 ASoC snd_soc_put_volsw_sx memory corruption

CVE-2023-50164 | Apache Struts up to 2.5.32/6.3.0.1 File Upload file access