Damon Wood

Name of the Vulnerable Software and Affected Versions: SugarCRM Sugar Sales versions prior to 2.0.1a Description: The issue allows remote attackers to execute arbitrary SQL commands and gain privileges. This is achieved via the `record` parameter in a DetailView action to "index.php", and `record` parameters in other functionality. Recommendations: For versions prior to 2.0.1a, update to version 2.0.1a or later to resolve the issue. As a temporary workaround, consider restricting access to the DetailView action in index.php to minimize the risk of exploitation. Avoid using the `record` parameter in affected functionality until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: SugarCRM Sugar Sales versions 2.0.1c and earlier Description: The issue allows remote attackers to gain sensitive information via certain requests to scripts that contain invalid input, which reveals the path in an error message. This can be demonstrated using the phprint.php script with an empty `module` parameter. Recommendations: For SugarCRM Sugar Sales versions 2.0.1c and earlier, consider restricting access to the phprint.php script until a fix is available. As a temporary workaround, avoid using the phprint.php script with an empty `module` parameter to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: SugarCRM Sugar Sales versions 2.0.1c and earlier Description: A directory traversal issue allows remote attackers to read arbitrary files and possibly execute arbitrary PHP code via .. (dot dot) sequences in the `module`, `action`, or `theme` parameters to "index.php", the `theme` parameter to "Login.php", and possibly other parameters or scripts. Recommendations: For SugarCRM Sugar Sales versions 2.0.1c and earlier, as a temporary workaround, consider restricting access to the vulnerable parameters `module`, `action`, and `theme` in "index.php" and the `theme` parameter in "Login.php" until a patch is available.

Name of the Vulnerable Software and Affected Versions: SugarCRM Sugar Sales versions 2.0.1c and earlier Description: The issue arises from the install scripts not being removed after installation, allowing attackers to obtain the MySQL administrative password in cleartext or cause a denial of service by altering database settings to their default values. Recommendations: For SugarCRM Sugar Sales versions 2.0.1c and earlier, remove the install scripts after installation to prevent potential attacks.