Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dolibarr vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2024-23817
Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Version 18.0.4 has a HTML Injection vulnerability in the Home page of the Dolibarr Application. This vulnerability allows an malicious user to inject arbitrary HTML tags...
Dolibarr Dolibarr 18.0.4
9.8
CVSSv3
CVE-2017-14238
SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM version 6.0.0 allows remote malicious users to execute arbitrary SQL commands via the menuId parameter.
Dolibarr Dolibarr 6.0.0
5.4
CVSSv3
CVE-2017-14239
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 6.0.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) CompanyName, (2) CompanyAddress, (3) CompanyZip, (4) CompanyTown, (5) Fax, (6) EMail, (7) Web, (8) ManagingDirectors, ...
Dolibarr Dolibarr 6.0.0
7.5
CVSSv3
CVE-2017-14240
There is a sensitive information disclosure vulnerability in document.php in Dolibarr ERP/CRM version 6.0.0 via the file parameter.
Dolibarr Dolibarr 6.0.0
5.4
CVSSv3
CVE-2017-14241
Cross-site scripting (XSS) vulnerability in Dolibarr ERP/CRM 6.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the Title parameter to htdocs/admin/menus/edit.php.
Dolibarr Dolibarr 6.0.0
9.8
CVSSv3
CVE-2017-14242
SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote malicious users to execute arbitrary SQL commands via the statut parameter.
Dolibarr Dolibarr 6.0.0
8.8
CVSSv3
CVE-2022-0819
Code Injection in GitHub repository dolibarr/dolibarr before 15.0.1.
Dolibarr Dolibarr Erp\\/crm
9.8
CVSSv3
CVE-2022-40871
Dolibarr ERP & CRM <=15.0.3 is vulnerable to Eval injection. By default, any administrator can be added to the installation page of dolibarr, and if successfully added, malicious code can be inserted into the database and then execute it by eval.
Dolibarr Dolibarr Erp\\/crm
8.8
CVSSv3
CVE-2017-9839
Dolibarr ERP/CRM is affected by SQL injection in versions prior to 5.0.4 via product/stats/card.php (type parameter).
Dolibarr Dolibarr Erp\\/crm
9.8
CVSSv3
CVE-2022-0224
dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
Dolibarr Dolibarr Erp\\/crm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »