Dolibarr SQL injection vulnerability in product/card.php

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...

GHSA-M5RG-G6F9-8WPW Dolibarr SQL injection vulnerability in product/card.php

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...

Dolibarr SQL injection vulnerability in product/card.php

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter...

GHSA-G5MQ-V9HF-958H Dolibarr SQL injection vulnerability in product/card.php

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statutbuy parameter...

Dolibarr SQL injection vulnerability in product/card.php

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statusbatch parameter...

Dolibarr stored cross-site scripting (XSS) vulnerability

A stored cross-site scripting XSS vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" POST or "town" POST parameter to user/card.php...

GHSA-3V8X-286H-9PXP Dolibarr stored cross-site scripting (XSS) vulnerability

A stored cross-site scripting XSS vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" POST or "town" POST parameter to user/card.php...

Dolibarr error-based SQL injection vulnerability in product/card.php

An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter...

GHSA-78HJ-952Q-99RW Dolibarr error-based SQL injection vulnerability in product/card.php

An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter...

Dolibarr SQL injection vulnerability in user/card.php

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter...

GHSA-97JV-2HP6-3FRJ Dolibarr SQL injection vulnerability in user/card.php

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter...

Cross-site Scripting (XSS)

dolibarr/dolibarr is vulnerable to cross-site scripting XSS attacks. Insufficient checks in card.php allow an remote attacker to insert arbitrary Javascript through the ticket creation flow...

WUZHI CMS SQL Injection Vulnerability (CNVD-2021-99301)

WUZHI CMS Five Fingers CMS is a high-performance open source content management system that supports the LNAMP architecture, suitable for portals, corporate websites, mobile sites, microsoft promotion. WUZHI CMS version 4.1.0 has a SQL injection vulnerability. The attacker can use the keywords...

CVE-2021-40670

SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file...

CVE-2021-40670

SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file...

CVE-2021-40670

SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file...

CVE-2020-13828

Dolibarr 11.0.4 is affected by multiple stored Cross-Site Scripting XSS vulnerabilities that could allow remote authenticated attackers to inject arbitrary web script or HTML via ticket/card.php?action=create with the subject, message, or address parameter; adherents/card.php with the societe or...

CVE-2020-13828

Dolibarr 11.0.4 is affected by multiple stored Cross-Site Scripting XSS vulnerabilities that could allow remote authenticated attackers to inject arbitrary web script or HTML via ticket/card.php?action=create with the subject, message, or address parameter; adherents/card.php with the societe or...

CVE-2019-19211

Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS...

CVE-2019-19211

Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS...