SugarCRM 6.1.1 - Information Disclosure
| EKU-ID: 40087 | CVE: CVE-2011-0745;OSVDB-74888 | OSVDB-ID: |
| Author: RedTeam Pentesting GmbH | Published: 2011-03-15 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 40087 | CVE: CVE-2011-0745;OSVDB-74888 | OSVDB-ID: |
| Author: RedTeam Pentesting GmbH | Published: 2011-03-15 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/46885/info SugarCRM is prone to an information-disclosure vulnerability because it fails to restrict access to certain application data. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. http://www.example.org/sugarcrm/index.php?module=Accounts&action=ShowDuplicates http://www.example.org/sugarcrm/index.php?module=Contacts&action=ShowDuplicates