CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

NVD•added 2026/05/08 3:16 p.m.•8 views

CVE-2025-67486

Dolibarr is an enterprise resource planning ERP and customer relationship management CRM software package. Versions 22.0.2 and earlier contains an authenticated remote code execution vulnerability in the user extrafields functionality. User-controlled input from the "computed value" field is pass...

8.6CVSS0.00881EPSS

Exploits1References2

ATTACKERKB•added 2026/05/08 2:21 p.m.•3 views

CVE-2025-67486

8.6CVSS6.7AI score0.00881EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/05/08 2:21 p.m.•29 views

CVE-2025-67486 Dolibarr has an Authenticated Remote Code Execution via eval() injection in user extrafields

8.6CVSS0.00881EPSS

Exploits1References2

CVE•added 2026/05/08 2:21 p.m.•10 views

CVE-2025-67486

Dolibarr ERP/CRM (versions 22.0.2 and earlier) is affected by an authenticated remote code execution via eval() injection in the user extrafields feature. User-controlled input from the “computed value” field is passed to PHP eval without proper sanitization, enabling an authenticated administrat...

8.6CVSS6.7AI score0.00881EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2026/05/08 2:21 p.m.•7 views

CVE-2025-67486 Dolibarr has an Authenticated Remote Code Execution via eval() injection in user extrafields

8.6CVSS6.7AI score0.00881EPSS

Exploits1References2

Positive Technologies•added 2026/05/08 12:0 a.m.•11 views

PT-2026-39008

Name of the Vulnerable Software and Affected Versions Dolibarr versions 22.0.2 and earlier Description An authenticated remote code execution issue exists in the user extrafields functionality of this ERP and CRM software. User-controlled input from the "computed value" field is passed to the PHP...

8.6CVSS6.7AI score0.00881EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by