CNNVD-202511-516 Information

CNNVD ID

CNNVD-202511-516

Related CVE

CVE-2022-50589

• CNNVD Published: 2025-11-06

Description (Chinese)

SuiteCRM是SuiteCRM团队的一个客户关系管理系统。 SuiteCRM 7.12.6之前版本存在安全漏洞，该漏洞源于处理导出功能中参数uid时存在SQL注入漏洞，可能导致执行任意代码。

Description (English)

SuiteCRM is a customer relationship management system for the SuiteCRM team. The security gap in the pre-SiteCRM version 7.12.6 stems from the SQL injection gap in the processing of uid in the export function, which may lead to the implementation of any code.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

SuiteCRM

Published

2025-11-06

Last Modified

2026-02-24

References

https://blog.exodusintel.com/2022/06/09/salesagility-suitecrm-export-request-sql-injection-vulnerability/ https://docs.suitecrm.com/admin/releases/7.12.x/#_7_12_6 https://www.vulncheck.com/advisories/suitecrm-sqli-via-export-functionality

Patch

https://docs.suitecrm.com/admin/releases/7.12.x/#_7_12_6