Reflected Cross Site Scripting (XSS)

dolibarr/dolibarr is vulnerable to a Reflected Cross-site Scripting XSS. The vulnerability is due to improper input validation in htdocs/compta/paiement/card.php, allowing remote attackers to inject arbitrary web script or HTML via the facid parameter...

SQL Injection

dolibarr is susceptible to multiple SQL injection vulnerabilities. The vulnerabilities exist because it does not filter the user-supplied data before using it in an SQL query, allowing the attackers to inject malicious SQL through the 1 contactid parameter in an addcontact action, 2 ligne paramet...