Total
22 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-18260 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-02-04 | 6.5 MEDIUM | 8.8 HIGH |
Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter). | |||||
CVE-2018-13450 | 1 Dolibarr | 1 Dolibarr Erp\/crm | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the status_batch parameter. |