CVE-2023-5350

CRITICAL

Salesagility Suitecrm < 7.14.1 - SQL Injection

Title source: rule

Description

SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1.

Exploits (1)

metasploit WORKING POC
by Exodus Intelligence, jheysel-r7, Redouane NIBOUCHA <[email protected]> · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/suite_crm_export_sqli.rb

References (2)

Scores

CVSS v3 9.1
EPSS 0.1528
EPSS Percentile 94.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE
CWE-89
Status published
Products (1)
salesagility/suitecrm < 7.14.1
Published Oct 03, 2023
Tracked Since Feb 18, 2026