CyberSec.Space Logo
返回 CVE 浏览器

CVE-2005-4087

HIGH
7.5
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile16.07th
Published2005年12月8日
Last Modified2026年4月16日

Vulnerability Description

PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter.

Affected Platforms (CPE)

📦
Sugarcrm

Sugar Suite

= 3.5
📦
Sugarcrm

Sugar Suite

= 4.0_beta

References & Advisories

🔗 http://securityreason.com/securityalert/239
🔗 http://www.securityfocus.com/archive/1/418840
🔗 http://www.securityfocus.com/bid/15760
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/23541
🔗 http://securityreason.com/securityalert/239
🔗 http://www.securityfocus.com/archive/1/418840
🔗 http://www.securityfocus.com/bid/15760
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/23541

相关漏洞威胁

CVE-2006-50827.5

Unspecified vulnerability in Sugar Suite Open Source (SugarCRM) before 4.2.1 Patch C (20060917) has unspecified impact, related to...

CVE-2006-24606.4

Sugar Suite Open Source (SugarCRM) 4.2 and earlier, when register_globals is enabled, does not protect critical variables such as ...

CVE-2005-40865.0

Directory traversal vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 ...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...