cpe:/a:sugarcrm:sugarcrm:9.0.0::~~enterprise~~~ CVE-2019-17310 2019-10-07T12:15:12.977-04:00 2019-10-09T13:35:26.890-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2019-10-09T09:43:00.637-04:00 MISC https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2019-037/ SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection in the Campaigns module by an Admin user.