CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dolibarr: >> Dolibarr Erp/crm >> 8.0.2 Security Vulnerabilities

CVE-2018-19998

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter.

CVSS Score

8.8

EPSS Score

0.003

Published

2019-01-03

CVE-2018-19992

A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to adherents/type.php.

CVSS Score

5.4

EPSS Score

0.001

Published

2019-01-03

Page 4

Vulnerabilities

Vulnerable Software

Dolibarr: >> Dolibarr Erp/crm >> 8.0.2 Security Vulnerabilities

Products

Pricing

Contact Us