[KIS-2016-06] SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability

Posted by Egidio Romano on Jun 23

—————————————————————————–
SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability
—————————————————————————–

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.18 CE and other versions.

[-] Vulnerability Description:

The vulnerable code is located within the MySugar::addDashlet() method:…

Leave a Reply