Best Software Saleslogix — known CVE vulnerabilities
Every CVE whose affected-product data names Best Software Saleslogix, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2004-1608 — CVSS 7.5 (high): SQL injection vulnerability in SalesLogix 6.1 allows remote attackers to execute arbitrary SQL statements via the id parameter in a view…
CVE-2004-1605 — CVSS 7.5 (high): SalesLogix 6.1 allows remote attackers to bypass authentication by modifying the slxweb cookie to set user=Admin, teams=ADMIN!, and…
CVE-2004-1610 — CVSS 7.5 (high): SalesLogix 6.1 uses client-specified pathnames for writing certain files, which might allow remote authenticated users to create arbitrary…
CVE-2004-1606 — CVSS 6.4 (medium): slxweb.dll in SalesLogix 6.1 allows remote attackers to cause a denial service (application crash) via an invalid HTTP request, which might…
CVE-2004-1611 — CVSS 5.1 (medium): SalesLogix 6.1 does not verify if a user is authenticated before performing sensitive operations, which could allow remote attackers to (1)…
CVE-2004-1609 — CVSS 5.0 (medium): SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote…
CVE-2004-1607 — CVSS 5.0 (medium): slxweb.dll in SalesLogix 6.1 allows remote attackers to obtain sensitive information via a (1) Library or (2) Attachment request with an…