Vulnerabilities > Dolibarr

DATE	CVE	VULNERABILITY TITLE	RISK
2022-11-21	CVE-2022-4093	SQL Injection vulnerability in Dolibarr Erp/Crm 16.0.1/16.0.2 SQL injection attacks can result in unauthorized access to sensitive data, such as passwords, credit card details, or personal user information. network low complexity dolibarr CWE-89 critical	9.8
2022-11-17	CVE-2022-43138	Unspecified vulnerability in Dolibarr Erp/Crm Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API. network low complexity dolibarr critical	9.8
2022-10-12	CVE-2022-40871	Code Injection vulnerability in Dolibarr Erp/Crm Dolibarr ERP & CRM <=15.0.3 is vulnerable to Eval injection. network low complexity dolibarr CWE-94 critical	9.8
2022-06-13	CVE-2022-2060	Cross-site Scripting vulnerability in Dolibarr Erp/Crm Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr prior to 16.0. network low complexity dolibarr CWE-79	5.4
2022-06-08	CVE-2022-30875	Cross-site Scripting vulnerability in Dolibarr Erp/Crm 12.0.5 Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via Sql Error Page. network low complexity dolibarr CWE-79	6.1
2022-03-31	CVE-2021-37517	Incorrect Authorization vulnerability in Dolibarr Erp/Crm 13.0.2 An Access Control vulnerability exists in Dolibarr ERP/CRM 13.0.2, fixed version is 14.0.0,in the forgot-password function becuase the application allows email addresses as usernames, which can cause a Denial of Service. network low complexity dolibarr CWE-863	5.0
2022-03-31	CVE-2021-36625	SQL Injection vulnerability in Dolibarr Erp/Crm 13.0.2 An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 (fixed version is 14.0.0) via a POST request to the country_id parameter in an UPDATE statement. network low complexity dolibarr CWE-89	6.5
2022-03-02	CVE-2022-0819	Unspecified vulnerability in Dolibarr Erp/Crm Code Injection in GitHub repository dolibarr/dolibarr prior to 15.0.1. network low complexity dolibarr	8.8
2022-02-25	CVE-2022-0746	Unspecified vulnerability in Dolibarr Erp/Crm Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0. network low complexity dolibarr	4.3
2022-02-23	CVE-2022-0731	Authorization Bypass Through User-Controlled Key vulnerability in Dolibarr Erp/Crm Improper Access Control (IDOR) in GitHub repository dolibarr/dolibarr prior to 16.0. network low complexity dolibarr CWE-639	6.5

Vulnerabilities > Dolibarr {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Dolibarr"}]}

Vulnerabilities > Dolibarr