CVE-2022-50589
SuiteCRM < 7.12.6 SQL Injection via 'export' Functionality
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
SuiteCRM versions prior to 7.12.6 contain a SQL injection vulnerability within the processing of the ‘uid’ parameter within the ‘export’ functionality. Successful exploitation allows remote unauthenticated attackers to ultimately execute arbitrary code.
| CWE | CWE-89 |
| Vendor | suitecrm |
| Product | suitecrm |
| Published | Nov 6, 2025 |
| Last Updated | Jul 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for suitecrm suitecrm
Be the first to know when new unknown vulnerabilities affecting suitecrm suitecrm are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
SuiteCRM / SuiteCRM
0 < 7.12.6
References
Credits
Exodus Intelligence