PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management (SugarCRM) 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sugar_suite | Sugarcrm | 3.5 | 3.5 |
Sugar_suite | Sugarcrm | 4.0_beta | 4.0_beta |