CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-17897

SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c
https://github.com/Dolibarr/dolibarr/commit/4a5988accbb770b74105baacd5a034689272128c

Products affected by CVE-2017-17897

Dolibarr » Dolibarr Erp/crm » Version: 6.0.4

cpe:2.3:a:dolibarr:dolibarr_erp/crm:6.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17897

Products

Pricing

Contact Us