Fatfreecrm » Fat Free Crm : Security Vulnerabilities, CVEs, (Sql injection)
Multiple SQL injection vulnerabilities in app/controllers/home_controller.rb in Fat Free CRM before 0.12.1 allow remote authenticated users to execute arbitrary SQL commands via (1) the homepage timeline feature or (2) the activity feature.
Max CVSS
6.5
EPSS Score
0.32%
Published
2014-01-02
Updated
2014-01-03
1 vulnerabilities found