CVE-2004-1225

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0030%

EPSS Percentile40.02th

Published2005年1月10日

Last Modified2026年4月16日

Vulnerability Description

SQL injection vulnerability in SugarCRM Sugar Sales before 2.0.1a allows remote attackers to execute arbitrary SQL commands and gain privileges via the record parameter in a DetailView action to index.php, and record parameters in other functionality.

Affected Platforms (CPE)

📦

Sugarcrm

= 1.0

📦

Sugarcrm

= 1.0f

📦

Sugarcrm

= 1.0g

📦

Sugarcrm

= 1.1

📦

Sugarcrm

= 1.1a

📦

Sugarcrm

= 1.1b

📦

Sugarcrm

= 1.1c

📦

Sugarcrm

= 1.1d

📦

Sugarcrm

= 1.1e

📦

Sugarcrm

= 1.1f

📦

Sugarcrm

= 1.5d

📦

Sugarcrm

= 2.0.1

📦

Sugarcrm

= 2.0.1a

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=110295433323795&w=2

🔗 http://www.gulftech.org/?node=research&article_id=00053-120104

🔗 http://www.securityfocus.com/bid/11740

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/18325

🔗 http://marc.info/?l=bugtraq&m=110295433323795&w=2

🔗 http://www.gulftech.org/?node=research&article_id=00053-120104

🔗 http://www.securityfocus.com/bid/11740

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/18325

Vulnerability Description

Affected Platforms (CPE)

Sugarcrm

Sugarcrm

Sugarcrm

Sugarcrm

Sugarcrm

Sugarcrm

Sugarcrm

Sugarcrm

Sugarcrm

Sugarcrm

Sugarcrm

Sugarcrm

Sugarcrm

References & Advisories

関連する脆弱性情報