CVEDB API

Vulnerabilities

Vulnerable Software

Dolibarr: >> Dolibarr Erp/crm >> 7.0.0 Security Vulnerabilities

CVE-2022-0174

Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr.

CVSS Score

4.3

EPSS Score

0.002

Published

2022-01-10

CVE-2019-1010054

Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: allow malitious html to change user password, disable users and disable password encryptation. The component is: Function User password change, user disable and password encryptation. The attack vector is: admin access malitious urls.

CVSS Score

8.8

EPSS Score

0.008

Published

2019-07-18

CVE-2017-18259

Dolibarr ERP/CRM is affected by stored Cross-Site Scripting (XSS) in versions through 7.0.0.

CVSS Score

5.4

EPSS Score

0.002

Published

2018-04-11

CVE-2017-18260

Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter).

CVSS Score

8.8

EPSS Score

0.002

Published

2018-04-11

Page 3

Vulnerabilities

Vulnerable Software

Dolibarr: >> Dolibarr Erp/crm >> 7.0.0 Security Vulnerabilities

Products

Pricing

Contact Us