Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dolibarr erp crm vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-33568
An issue in Dolibarr 16 prior to 16.0.5 allows unauthenticated malicious users to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists.
Dolibarr Dolibarr Erp/crm
3.5
CVSSv2
CVE-2017-18259
Dolibarr ERP/CRM is affected by stored Cross-Site Scripting (XSS) in versions up to and including 7.0.0.
Dolibarr Dolibarr Erp/crm
6.5
CVSSv2
CVE-2017-18260
Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions up to and including 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter).
Dolibarr Dolibarr Erp/crm
6.5
CVSSv2
CVE-2022-0819
Code Injection in GitHub repository dolibarr/dolibarr before 15.0.1.
Dolibarr Dolibarr Erp/crm
NA
CVE-2023-38886
An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privileged malicious user to execute arbitrary code via a crafted command/script.
Dolibarr Dolibarr Erp/crm
NA
CVE-2023-38887
File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote malicious user to execute arbitrary code and obtain sensitive information via the extension filtering and renaming functions.
Dolibarr Dolibarr Erp/crm
NA
CVE-2023-38888
Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote malicious user to obtain sensitive information and execute arbitrary code via the REST API module, related to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject.
Dolibarr Dolibarr Erp/crm
NA
CVE-2023-5842
Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr before 16.0.5.
Dolibarr Dolibarr Erp/crm
3.5
CVSSv2
CVE-2022-2060
Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr before 16.0.
Dolibarr Dolibarr Erp/crm
NA
CVE-2023-30253
Dolibarr prior to 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.
Dolibarr Dolibarr Erp/crm
3 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »