Vulnerability Overview This vulnerability exists in the SuiteCRM system, specifically involving the parameter. It is a SQL Injection vulnerability. Vulnerability Title: SuiteCRM 7.10.7 - 'parentTab' SQL Injection Author: Mehmet EMROGLU Publication Date: 2019-02-04 Type: Webapps Platform: PHP Scope of Impact Affected Software: SuiteCRM Affected Versions: 7.10.7 Test Environment: wamp @en Remediation The page does not provide specific remediation code; however, for this type of SQL injection vulnerability, the following measures are generally recommended: 1. Strictly validate and filter all user-supplied input (especially the parameter). 2. Use prepared statements (Prepared Statements) or parameterized queries to construct database requests, avoiding direct concatenation of SQL strings. POC/Exploit Code