37 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-9997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/pucestatut.php involving the $id parameter, as demonstrated by a...
GHSA-JJGQ-JQ8G-24W4 Dolibarr SQL injection vulnerability in don/list.php
SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter...
Dolibarr SQL injection vulnerability in product/card.php
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter...
Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2018-13460)
Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in the product/card.php...
Sql injection
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter...
UBUNTU-CVE-2018-13447
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter...
CVE-2018-13447
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter...
PT-2018-11830 · Dolibarr · Dolibarr Erp/Crm
Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM version 7.0.3 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the statut parameter in the product/card.php file. Recommendations: For Dolibarr ERP/CRM version 7.0.3, avoi...
UBUNTU-CVE-2017-18260
Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php viewstatut parameter or comm/propal/list.php propalstatut parameter, aka searchstatut parameter...
Dolibarr ERP/CRM on/list.php File SQL Injection Vulnerability
Dolibarr ERP/CRM is an open source software/freeware for small and medium-sized businesses, organizations or freelancers. It includes different features such as Enterprise Resource Planning ERP and Customer Relationship Management CRM, as well as applications for other different activities. A SQL...
UBUNTU-CVE-2017-14242
SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter...
CVE-2017-14242
SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter...
CVE-2017-14242
SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands via the statut parameter...
UBUNTU-CVE-2017-9435
Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php searchsupervisor and searchstatut parameters...
SPIP cross-site scripting vulnerability (CNVD-2016-13015)
SPIP is a free Web-based content publishing system. The system is primarily used for online collaboration. A cross-site scripting vulnerability exists in the /ecrire/exec/pucestatut.php file in SPIP 3.1.x. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML wit...
DEBIAN-CVE-2016-9997
SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/pucestatut.php involving the $id parameter, as demonstrated by a /ecrire/?exec=pucestatut URL...
UBUNTU-CVE-2016-9997
SPIP 3.1.x suffers from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/pucestatut.php involving the $id parameter, as demonstrated by a /ecrire/?exec=pucestatut URL...