Vulmon
dolibarr vulnerabilities and exploits
NA
CVE-2024-34051
A Reflected Cross-site scripting (XSS) vulnerability located in htdocs/compta/paiement/card.php of Dolibarr prior to 19.0.2 allows remote malicious users to inject arbitrary web script or HTML via a crafted payload injected into the facid parameter.
NA
CVE-2024-5314
Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote malicious user to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters so...
NA
CVE-2024-5315
Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote malicious user to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters vi...
NA
CVE-2024-31503
Incorrect access control in Dolibarr ERP CRM versions 19.0.0 and before, allows authenticated malicious users to steal victim users' session cookies and CSRF protection tokens via user interaction with a crafted web page, leading to account takeover.
NA
CVE-2024-29477
Lack of sanitization during Installation Process in Dolibarr ERP CRM up to version 19.0.0 allows an attacker with adjacent access to the network to execute arbitrary code via a specifically crafted input.
NA
CVE-2024-23817
Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Version 18.0.4 has an HTML Injection vulnerability in the Home page of the Dolibarr Application. This vulnerability allows a malicious user to inject arbitrary HTML tags...
Dolibarr Dolibarr Erp/crm 18.0.4
NA
CVE-2023-4198
Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows an unauthorized authenticated user to read a database table containing customer data
Dolibarr Dolibarr Erp/crm
NA
CVE-2023-4197
Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing a malicious user to inject and evaluate arbitrary PHP code.
Dolibarr Dolibarr Erp/crm
1 Github repository
NA
CVE-2023-5842
Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr before 16.0.5.
Dolibarr Dolibarr Erp/crm
NA
CVE-2023-5323
Cross-site Scripting (XSS) - Generic in GitHub repository dolibarr/dolibarr before 18.0.
Dolibarr Dolibarr Erp/crm