Full Disclosure

[KIS-2016-06] SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability

June 23, 2016 007admin Leave a comment

Posted by Egidio Romano on Jun 23

—————————————————————————–
SugarCRM <= 6.5.18 (MySugar::addDashlet) Insecure fopen() Usage Vulnerability
—————————————————————————–

[-] Software Link:

http://www.sugarcrm.com/

[-] Affected Versions:

Version 6.5.18 CE and other versions.

[-] Vulnerability Description:

The vulnerable code is located within the MySugar::addDashlet() method:…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information