Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dolibarr dolibarr vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-0224
dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
Dolibarr Dolibarr Erp\\/crm
3.5
CVSSv2
CVE-2022-2060
Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr before 16.0.
Dolibarr Dolibarr Erp\\/crm
NA
CVE-2023-5323
Cross-site Scripting (XSS) - Generic in GitHub repository dolibarr/dolibarr before 18.0.
Dolibarr Dolibarr Erp\\/crm
NA
CVE-2022-43138
Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows malicious users to escalate privileges via a crafted API.
Dolibarr Dolibarr Erp\\/crm
4
CVSSv2
CVE-2022-0414
Improper Validation of Specified Quantity in Input in Packagist dolibarr/dolibarr before 16.0.
Dolibarr Dolibarr Erp\\/crm
NA
CVE-2022-40871
Dolibarr ERP & CRM <=15.0.3 is vulnerable to Eval injection. By default, any administrator can be added to the installation page of dolibarr, and if successfully added, malicious code can be inserted into the database and then execute it by eval.
Dolibarr Dolibarr Erp\\/crm
NA
CVE-2023-4198
Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows an unauthorized authenticated user to read a database table containing customer data
Dolibarr Dolibarr Erp\\/crm
NA
CVE-2023-38886
An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privileged malicious user to execute arbitrary code via a crafted command/script.
Dolibarr Dolibarr Erp\\/crm
NA
CVE-2023-38887
File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote malicious user to execute arbitrary code and obtain sensitive information via the extension filtering and renaming functions.
Dolibarr Dolibarr Erp\\/crm
NA
CVE-2023-38888
Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote malicious user to obtain sensitive information and execute arbitrary code via the REST API module, related to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject.
Dolibarr Dolibarr Erp\\/crm
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »