Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dolibarr erp crm vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-7996
htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header.
Dolibarr Dolibarr Erp\\/crm 10.0.6
7.5
CVSSv2
CVE-2018-13447
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote malicious users to execute arbitrary SQL commands via the statut parameter.
Dolibarr Dolibarr Erp\\/crm 7.0.3
7.5
CVSSv2
CVE-2018-13448
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote malicious users to execute arbitrary SQL commands via the country_id parameter.
Dolibarr Dolibarr Erp\\/crm 7.0.3
7.5
CVSSv2
CVE-2018-13449
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote malicious users to execute arbitrary SQL commands via the statut_buy parameter.
Dolibarr Dolibarr Erp\\/crm 7.0.3
7.5
CVSSv2
CVE-2018-13450
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote malicious users to execute arbitrary SQL commands via the status_batch parameter.
Dolibarr Dolibarr Erp\\/crm 7.0.3
4.6
CVSSv2
CVE-2017-8879
Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the current password, which makes it easier for physically proximate malicious users to obtain access via an unattended workstation.
Dolibarr Dolibarr Erp\\/crm 4.0.4
7.5
CVSSv2
CVE-2012-1226
Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote malicious users to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the (1) file parameter to document.php or (2) backtopage parameter in a create action to comm/ac...
Dolibarr Dolibarr Erp\\/crm 3.2.0
2 EDB exploits
4.3
CVSSv2
CVE-2013-2092
Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote malicious users to inject arbitrary web script or HTML in functions.lib.php.
Dolibarr Dolibarr Erp\\/crm 3.3.1
3.5
CVSSv2
CVE-2018-19992
A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to adherents/type.php.
Dolibarr Dolibarr Erp\\/crm 8.0.2
4.3
CVSSv2
CVE-2018-19993
A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote malicious users to inject arbitrary web script or HTML via the transphrase parameter to public/notice.php.
Dolibarr Dolibarr Erp\\/crm 8.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »