Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2018-01641)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in the comm/multiprix.php...

PT-2017-15082 · Dolibarr · Dolibarr Erp/Crm

Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM version 6.0.4 Description: A SQL injection issue allows remote attackers to execute arbitrary SQL commands. The issue is related to the id parameter in the comm/multiprix.php file. Recommendations: For version 6.0.4, consider...