SQL Injection flaw in SuiteCRM

Overview :
SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to 7.11.9 allow SQL Injection.
Affected Product(s) :
  • SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to 7.11.9
Vulnerability Details :
CVE ID : CVE-2019-18784
The SuiteCRM specified versions are prone to SQLi vulnerability. Exploiting this issue allows attackers to do malfunctions according to the code

Solution :

Upgrade to SuiteCRM patched version

 

Common Vulnerabilityies and Exposures

Google Chrome prior 95.0.4638.54 WebApp Installer Remote Code Execution

A vulnerability has been found in Google Chrome (Web Browser) and classified as critical. Affected by this vulnerability is an unknown functionality of the component WebApp Installer. Upgrading to version 95.0.4638.54 eliminates this vulnerability.

Cisco IOS XE SD-WAN CLI os command injection [CVE-2021-1529]

A vulnerability, which was classified as critical, was found in Cisco IOS XE SD-WAN (Router Operating System) (the affected version unknown). This affects an unknown functionality of the component CLI. Upgrading eliminates this vulnerability.

Cisco Integrated Management Controller Web-based Management Interface denial of service

A vulnerability has been found in Cisco Integrated Management Controller (the affected version is unknown) and classified as problematic. This vulnerability affects some unknown functionality of the component Web-based Management Interface. Upgrading eliminates this vulnerability.