Dolibarr: >> Dolibarr Erp/crm >> 3.3.1 Security Vulnerabilities
Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr prior to 16.0.
CVSS Score
8.4
EPSS Score
0.005
Published
2022-06-13
Code Injection in GitHub repository dolibarr/dolibarr prior to 15.0.1.
CVSS Score
7.2
EPSS Score
0.017
Published
2022-03-02
Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-02-25
Improper Access Control (IDOR) in GitHub repository dolibarr/dolibarr prior to 16.0.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-02-23
Improper Validation of Specified Quantity in Input in Packagist dolibarr/dolibarr prior to 16.0.
CVSS Score
4.1
EPSS Score
0.003
Published
2022-01-31
dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
CVSS Score
8.3
EPSS Score
0.005
Published
2022-01-14
Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr.
CVSS Score
4.3
EPSS Score
0.002
Published
2022-01-10
Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php.
CVSS Score
6.1
EPSS Score
0.008
Published
2019-11-20
Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute arbitrary commands.
CVSS Score
9.8
EPSS Score
0.038
Published
2019-11-20
SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-11-20