NotCVE - vendor:"Dolibarr" product:"Dolibarr Erp\/crm" version:"8.0.2"

Page 4 of 22 results (0.011 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-0224 – SQL Injection in dolibarr/dolibarr

https://notcve.org/view.php?id=CVE-2022-0224

dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command dolibarr es vulnerable a una Neutralización Inapropiada de los Elementos Especiales usados en un Comando SQL • https://github.com/dolibarr/dolibarr/commit/b9b45fb50618aa8053961f50bc8604b188d0ea79 https://huntr.dev/bounties/f1d1ce3e-ca92-4c7b-b1b8-934e28eaa486 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-0174 – Improper Validation of Specified Quantity in Input in dolibarr/dolibarr

https://notcve.org/view.php?id=CVE-2022-0174

Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr. dolibarr es vulnerable a Errores de Lógica de Negocio • https://github.com/dolibarr/dolibarr/commit/d892160f4f130385a3ce520f66cb8cf2eb8c5c32 https://huntr.dev/bounties/ed3ed4ce-3968-433c-a350-351c8f8b60db • CWE-1284: Improper Validation of Specified Quantity in Input •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-19998

https://notcve.org/view.php?id=CVE-2018-19998

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter. Una vulnerabilidad de inyección SQL basada en errores en la versión 8.0.2 de Dolibarr permite a los atacantes remotos autenticados ejecutar comandos SQL arbitrarios mediante el parámetro "employee". • https://github.com/Dolibarr/dolibarr/commit/2b088a73c121a52e006c0d76ea4da7ffeb7b4f4a https://github.com/Dolibarr/dolibarr/commit/bacd5110fbdc81a35030fdc322775fa15ea85924 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-19993

https://notcve.org/view.php?id=CVE-2018-19993

A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the transphrase parameter to public/notice.php. Una vulnerabilidad de Cross-Site Scripting (XSS) reflejado en la versión 8.0.2 de Dolibarr permite que los atacantes remotos inyecten scripts web o HTML arbitrarios mediante el parámetro transphrase en public/notice.php. • https://github.com/Dolibarr/dolibarr/commit/fc3fcc5455d9a610b85723e89e8be43a41ad1378 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-19992

https://notcve.org/view.php?id=CVE-2018-19992

A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to adherents/type.php. Una vulnerabilidad de Cross-Site Scripting (XSS) persistente en Dolibarr, en versiones anteriores a la 8.0.2, permite que los atacantes remotos autenticados inyecten scripts web o HTML arbitrarios mediante el parámetro "address" (POST) o "town" (POST) en adherents/type.php. • https://github.com/Dolibarr/dolibarr/commit/0f06e39d23636bd1e4039ac61a743c79725c798b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2 3 4 5