cvedb.io
CVE-2022-50589
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2025-11-06T20:15:36.787 · Last modified 2026-07-15T02:17:06.100

Summary

SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerability within the processing of the ‘uid’ parameter within the ‘export’ functionality. Successful exploitation allows remote unauthenticated attackers to ultimately execute arbitrary code.

Affected products

salesagility — suitecrm

Does this affect you?

Add your gear to cvedb and we'll alert you only when salesagility ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.