Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
SuiteCRM SQL Injection (CVE-2024-36412) - Vulnerability Database

SuiteCRM SQL Injection (CVE-2024-36412)

Description

SuiteCRM has an SQL Injection vulnerability that allows unauthenticated attackers to gain access to sensitive data and compromise the system.

Remediation

Upgrade to the latest version of SuiteCRM

References

Unauthenticated SQL Injection
CVE-2024-36412 | Proof of Concept

Related Vulnerabilities

vBulletin 4 (up to 4.1.2) search.php SQL injection High
Common tags: Sql Injection Known Vulnerabilities
CRMEB SQL Injection (CVE-2024-36837) High
Common tags: Sql Injection Known Vulnerabilities
Joomla! 1.7/2.5 SQL injection vulnerability High
Common tags: Sql Injection Known Vulnerabilities
Parallels Plesk SQL injection vulnerability High
Common tags: Sql Injection Known Vulnerabilities
Joomla! 1.6.0 SQL injection vulnerability High
Common tags: Sql Injection Known Vulnerabilities

Severity

Critical

Classification

CVE-2024-36412
CWE-89
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

Tags

Sql Injection
Known Vulnerabilities