Lucene search
China National Vulnerability DatabaseCNVD-2022-85108HistoryApr 01, 2022 - 12:00 a.m.
Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2022-85108)
2022-04-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.001 Low
EPSS
Percentile
37.2%
Dolibarr ERP/CRM is a web-based enterprise resource planning (ERP) and customer relationship management (CRM) system from the French Dolibarr Foundation. The system can be used to manage products, inventory, invoices, orders, etc. A SQL injection vulnerability exists in Dolibarr ERP/CRM, which stems from the fact that a POST request for the country_id parameter in the UPDATE statement may lead to SQL injection. No detailed vulnerability details are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dolibarr erp/crm | eq | 13.0.2 |
Related
prion
prion
Sql injection
2022-03-31 18:15:00
osv
osv
CVE-2021-36625
2022-03-31 18:15:07
SQL Injection in Dolibarr
2022-04-01 00:00:41
nvd
nvd
CVE-2021-36625
2022-03-31 18:15:07
ubuntucve
ubuntucve
CVE-2021-36625
2022-03-31 00:00:00
cve
cve
CVE-2021-36625
2022-03-31 18:15:07
veracode
veracode
SQL Injection
2022-04-01 11:10:27
cvelist
cvelist
CVE-2021-36625
2022-03-31 17:50:36
github
github
SQL Injection in Dolibarr
2022-04-01 00:00:41