Skip to content
Saturday, December 6, 2025
Critical Published: Nov 06, 2025 Modified: Nov 24, 2025

CVE-2022-50589

9.8 CVSS SCORE
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Share:

Description

SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerability within the processing of the ‘uid’ parameter within the ‘export’ functionality. Successful exploitation allows remote unauthenticated attackers to ultimately execute arbitrary code.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Affected Software Configurations

  • a salesagility suitecrm * * * * * * * *

Weaknesses (CWE)

  • CWE-89

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More
← Back to CVE Tracker