Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dolibarr dolibarr vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-19212
Dolibarr ERP/CRM 3.0 up to and including 10.0.3 allows XSS via the qty parameter to product/fournisseurs.php (product price screen).
Dolibarr Dolibarr
7.5
CVSSv3
CVE-2019-19209
Dolibarr ERP/CRM prior to 10.0.3 allows SQL Injection.
Dolibarr Dolibarr
6.1
CVSSv3
CVE-2019-19211
Dolibarr ERP/CRM prior to 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS.
Dolibarr Dolibarr
5.4
CVSSv3
CVE-2019-19210
Dolibarr ERP/CRM prior to 10.0.3 allows XSS because uploaded HTML documents are served as text/html despite being renamed to .noexe files.
Dolibarr Dolibarr
5.4
CVSSv3
CVE-2020-9016
Dolibarr 11.0 allows XSS via the joinfiles, topic, or code parameter, or the HTTP Referer header.
Dolibarr Dolibarr Erp\\/crm 11.0.0
6.1
CVSSv3
CVE-2020-7994
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 10.0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) label[libelle] parameter to the /htdocs/admin/dict.php?id=3 page; the (2) name[constname] parameter to the /htdocs/admin/const.ph...
Dolibarr Dolibarr Erp\\/crm 10.0.6
9.8
CVSSv3
CVE-2020-7995
The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts.
Dolibarr Dolibarr Erp\\/crm 10.0.6
6.1
CVSSv3
CVE-2020-7996
htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header.
Dolibarr Dolibarr Erp\\/crm 10.0.6
5.4
CVSSv3
CVE-2019-19206
Dolibarr CRM/ERP 10.0.3 allows viewimage.php?file= Stored XSS due to JavaScript execution in an SVG image for a profile picture.
Dolibarr Dolibarr Erp\\/crm 10.0.3
6.1
CVSSv3
CVE-2013-2092
Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote malicious users to inject arbitrary web script or HTML in functions.lib.php.
Dolibarr Dolibarr Erp\\/crm 3.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »