
4 matches found

CNNVD
added 2026/02/22 12:0 a.m., 3 views

Dolibarr ERP/CRM SQL injection vulnerability

Dolibarr ERP/CRM is a web-based enterprise resource planning (ERP) and customer relationship management (CRM) system developed by the Dolibarr Foundation in France. This system can be used to manage products, inventory, invoices, orders, etc. Version 10.0.1 of Dolibarr ERP/CRM has a SQL injection...

CVSS 7.5, AI score 5.8, EPSS 0.00054
Exploits: 1, References: 2
CVE
added 2025/08/29 11:18 a.m., 9 views

CVE-2025-40709

OpenAtlas v8.9.0 is affected by a Cross-Site Scripting (XSS) vulnerability due to inadequate validation of user input in POST requests to /insert/person/, specifically the name and alias-0 parameters. The issue could allow a remote, authenticated attacker to craft queries that steal session cooki...

CVSS 5.4, AI score 5.5, EPSS 0.00048
Exploits: 0, References: 2, Affected Software: 1
Positive Technologies
added 2025/08/29 12:0 a.m., 3 views

PT-2025-35207

Name of the Vulnerable Software and Affected Versions: OpenAtlas version 8.9.0
Description: An issue exists in OpenAtlas that could allow a remote user to send specially crafted queries to an authenticated user and potentially steal their session cookie details. This is due to inadequate validati...

CVSS 5.4, AI score 6.3, EPSS 0.00048
Exploits: 0, References: 8
OSV
added 2018/07/18 11:29 p.m., 0 views

CVE-2018-0390

A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input...

CVSS 6.1, AI score 6
Exploits: 0, References: 2