CVE-2022-2060 – Cross-site Scripting (XSS) - Stored in dolibarr/dolibarr
https://notcve.org/view.php?id=CVE-2022-2060
Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr prior to 16.0. • https://github.com/dolibarr/dolibarr/commit/2b5b9957c3010a5db9d1988c2efe5b209b16b47f https://huntr.dev/bounties/2acfc8fe-247c-4f88-aeaa-042b6b8690a0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-30875
https://notcve.org/view.php?id=CVE-2022-30875
Dolibarr 12.0.5 is vulnerable to Cross Site Scripting (XSS) via Sql Error Page. • https://github.com/mustgundogdu/Research/edit/main/Dolibar_12.0.5-ReflectedXSS%2C https://github.com/mustgundogdu/Research/edit/main/Dolibar_12.0.5-ReflectedXSS/README.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0819 – Code Injection in dolibarr/dolibarr
https://notcve.org/view.php?id=CVE-2022-0819
Code Injection in GitHub repository dolibarr/dolibarr prior to 15.0.1. • https://github.com/dolibarr/dolibarr/commit/2a48dd349e7de0d4a38e448b0d2ecbe25e968075 https://huntr.dev/bounties/b03d4415-d4f9-48c8-9ae2-d3aa248027b5 • CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2022-0746 – Business Logic Errors in dolibarr/dolibarr
https://notcve.org/view.php?id=CVE-2022-0746
Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0. • https://github.com/dolibarr/dolibarr/commit/4973019630d51ad76b7c1a4141ec7a33053a7d21 https://huntr.dev/bounties/b812ea22-0c02-46fe-b89f-04519dfb1ebd • CWE-840: Business Logic Errors
CVE-2022-0731 – Improper Access Control (IDOR) in dolibarr/dolibarr
https://notcve.org/view.php?id=CVE-2022-0731
Improper Access Control (IDOR) in GitHub repository dolibarr/dolibarr prior to 16.0. • https://github.com/dolibarr/dolibarr/commit/209ab708d4b65fbd88ba4340d60b7822cb72651a https://huntr.dev/bounties/e242ab4e-fc70-4b2c-a42d-5b3ee4895de8 • CWE-284: Improper Access Control • CWE-639: Authorization Bypass Through User-Controlled Key