Full title: SugarCRM 13.0.1 Shell Upload Exploit 
Category: web applications
Platform: php
SugarCRM versions 13.0.1 and below suffer from a remote shell upload vulnerability in the set_note_attachment SOAP call.

# 0day.today @ http://0day.today/