Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dolibarr vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-30253
Dolibarr prior to 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.
Dolibarr Dolibarr Erp\\/crm
8.8
CVSSv3
CVE-2023-4197
Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an malicious user to inject and evaluate arbitrary PHP code.
Dolibarr Dolibarr Erp\\/crm
6.5
CVSSv3
CVE-2023-4198
Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows an unauthorized authenticated user to read a database table containing customer data
Dolibarr Dolibarr Erp\\/crm
4.3
CVSSv3
CVE-2022-0174
Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr.
Dolibarr Dolibarr Erp\\/crm
6.5
CVSSv3
CVE-2022-0731
Improper Access Control (IDOR) in GitHub repository dolibarr/dolibarr before 16.0.
Dolibarr Dolibarr Erp\\/crm
4.3
CVSSv3
CVE-2022-0746
Business Logic Errors in GitHub repository dolibarr/dolibarr before 16.0.
Dolibarr Dolibarr Erp\\/crm
6.1
CVSSv3
CVE-2023-5323
Cross-site Scripting (XSS) - Generic in GitHub repository dolibarr/dolibarr before 18.0.
Dolibarr Dolibarr Erp\\/crm
5.4
CVSSv3
CVE-2017-9838
Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting (XSS) vulnerabilities in versions prior to 5.0.4: index.php (leftmenu parameter), core/ajax/box.php (PATH_INFO), product/stats/card.php (type parameter), holiday/list.php (month_create, month_start, and month...
Dolibarr Dolibarr Erp\\/crm
4.3
CVSSv3
CVE-2022-0414
Improper Validation of Specified Quantity in Input in Packagist dolibarr/dolibarr before 16.0.
Dolibarr Dolibarr Erp\\/crm
9.8
CVSSv3
CVE-2022-43138
Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows malicious users to escalate privileges via a crafted API.
Dolibarr Dolibarr Erp\\/crm
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »