Security Flaw in SugarCRM Sugar Sales Product by SugarCRM
CVE-2004-1228

Currently unrated

Key Information:

Vendor: Sugarcrm
Status: Sugar Sales
Vendor: CVE Published:; 10 January 2005

What is CVE-2004-1228?

The installation scripts in SugarCRM Sugar Sales versions 2.0.1c and earlier remain accessible even after installation. This oversight allows unauthorized users to extract the MySQL administrative password from the installation form in plain text. Additionally, an attacker can manipulate the database settings to revert them to default values, potentially leading to a denial of service. Proper measures should be implemented to secure these scripts and protect sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=bugtraq&m=110295433323795&w=2

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/18449

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Dec 14, 2004

JSON

Sugarcrm

What is CVE-2004-1228?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.