Directory Traversal Vulnerability in SugarCRM by Sugar Suite
CVE-2005-4086

Currently unrated

Key Information:

Vendor

Sugarcrm

Status
Sugar Suite
Vendor
CVE Published:
8 December 2005

What is CVE-2005-4086?

The directory traversal vulnerability in the acceptDecline.php file of Sugar Suite Open Source CRM 4.0 beta and earlier versions allows remote attackers to exploit the system. By manipulating the beanFiles array parameter with '..' sequences, attackers could potentially include arbitrary local files, leading to unauthorized access to sensitive information and possible system compromise. It is imperative for users and administrators to review the security configurations and implement necessary updates to safeguard against such attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://securitytracker.com/id?1015322
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/archive/1/418840
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/15760
vdb-entryx_refsource_BID

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.