VULHUB ™

SUgarCRM and SugarSales are reported prone to a vulnerability that may allow attackers to influence the include path for external files. This vulnerability allows arbitrary script code to be executed in the context of the web server hosting the affected software. In the case of including local files, this may expose sensitive information. In the case of including remote files, it is possible to include a malicious PHP script from a remote source.

SUgarCRM and SugarSales are reported prone to a vulnerability that may allow attackers to influence the include path for external files. This vulnerability allows arbitrary script code to be executed in the context of the web server hosting the affected software. In the case of including local files, this may expose sensitive information. In the case of including remote files, it is possible to include a malicious PHP script from a remote source.