Vulnerabilities > Dolibarr

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-07	CVE-2018-16809	SQL Injection vulnerability in Dolibarr An issue was discovered in Dolibarr through 7.0.0. network low complexity dolibarr CWE-89	7.5
2019-03-07	CVE-2018-16808	Cross-site Scripting vulnerability in Dolibarr An issue was discovered in Dolibarr through 7.0.0. network dolibarr CWE-79	4.3
2019-01-03	CVE-2018-19998	SQL Injection vulnerability in Dolibarr Erp/Crm 8.0.2 SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter. network low complexity dolibarr CWE-89	8.8
2019-01-03	CVE-2018-19995	Cross-site Scripting vulnerability in Dolibarr Erp/Crm 8.0.2 A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to user/card.php. network low complexity dolibarr CWE-79	5.4
2019-01-03	CVE-2018-19994	SQL Injection vulnerability in Dolibarr Erp/Crm 8.0.2 An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter. network low complexity dolibarr CWE-89	8.8
2019-01-03	CVE-2018-19993	Cross-site Scripting vulnerability in Dolibarr Erp/Crm 8.0.2 A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the transphrase parameter to public/notice.php. network low complexity dolibarr CWE-79	6.1
2019-01-03	CVE-2018-19992	Cross-site Scripting vulnerability in Dolibarr Erp/Crm 8.0.2 A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to adherents/type.php. network low complexity dolibarr CWE-79	5.4
2018-12-26	CVE-2018-19799	Cross-site Scripting vulnerability in Dolibarr Dolibarr ERP/CRM through 8.0.3 has /exports/export.php?datatoexport= XSS. network dolibarr CWE-79	4.3
2018-07-08	CVE-2018-13450	SQL Injection vulnerability in Dolibarr Erp/Crm 7.0.3 SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the status_batch parameter. network low complexity dolibarr CWE-89	7.5
2018-07-08	CVE-2018-13449	SQL Injection vulnerability in Dolibarr Erp/Crm 7.0.3 SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut_buy parameter. network low complexity dolibarr CWE-89	7.5

Vulnerabilities > Dolibarr {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Dolibarr"}]}

Vulnerabilities > Dolibarr