Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:PHP:SUGARCRM-CE |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
SugarCRM PHP Code Execution |
Release Date |
2012/08/29 |
Update Number |
2180 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: SugarCRM PHP Code Execution
This signature detects attempts to exploit a known vulnerability against SugarCRM. A successful attack can lead to arbitrary code execution.
Extended Description
SugarCRM Community Edition is prone to multiple remote PHP code-execution vulnerabilities. An attacker can exploit these issues to inject and execute arbitrary malicious PHP code in the context of the affected application. This may facilitate a compromise of the application and the underlying system; other attacks are also possible. SugarCRM Community Edition versions 6.3.1 and prior are vulnerable.
Affected Products
- Sugarcrm sugarcrm_community_edition 4.5.1
- Sugarcrm sugarcrm_community_edition 4.5.1J
- Sugarcrm sugarcrm_community_edition 5.0.0
- Sugarcrm sugarcrm_community_edition 5.0.0C
- Sugarcrm sugarcrm_community_edition 6.3.0RC1
- Sugarcrm sugarcrm_community_edition 6.3.1
References