Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-36625

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 fixed version is 14.0.0 via a POST request to the countryid parameter in an UPDATE statement...

8.8CVSS8.2AI score0.00892EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-13448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid...

9.8CVSS9AI score0.01918EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:12 a.m.6 views

CVE-2018-13448

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...

9.8CVSS8.7AI score0.01918EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.8 views

PT-2024-20134 · Cups Easy · Cups Easy

Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A vulnerability has been reported in Cups Easy Purchase & Inventory whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via...

8.2CVSS6.1AI score0.00399EPSS
Exploits0References6
OSV
OSV
added 2023/12/07 10:15 p.m.6 views

CVE-2023-6579

A vulnerability, which was classified as critical, has been found in osCommerce 4. Affected by this issue is some unknown functionality of the file /b2b-supermarket/shopping-cart of the component POST Parameter Handler. The manipulation of the argument estimatecountryid leads to sql injection. Th...

9.8CVSS5.7AI score
Exploits0References3
CNNVD
CNNVD
added 2023/12/07 12:0 a.m.5 views

osCommerce SQL注入漏洞

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. An SQL injection vulnerability exists in osCommerce, which originates from the lack of validation of the parameter estimatecountryid in the file /b2b-supermarket/shopping-cart against externally entered...

9.8CVSS8AI score0.23846EPSS
Exploits3References4
Github Security Blog
Github Security Blog
added 2022/04/01 12:0 a.m.26 views

SQL Injection in Dolibarr

An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 fixed version is 14.0.0 via a POST request to the countryid parameter in an UPDATE statement...

8.8CVSS8.9AI score0.00892EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/03/31 6:15 p.m.2 views

CVE-2021-36625

An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 fixed version is 14.0.0 via a POST request to the countryid parameter in an UPDATE statement...

8.8CVSS7.3AI score0.00892EPSS
Exploits0References2
OSV
OSV
added 2022/03/31 6:15 p.m.4 views

UBUNTU-CVE-2021-36625

An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 fixed version is 14.0.0 via a POST request to the countryid parameter in an UPDATE statement...

8.8CVSS6AI score0.00892EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/03/31 12:0 a.m.1 views

PT-2022-10528 · Unknown · Dolibarr Erp/Crm

Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM versions prior to 14.0.0 Description: An SQL Injection issue exists via a POST request to the country id parameter in an UPDATE statement. Recommendations: For versions prior to 14.0.0, update to version 14.0.0 to resolve the...

8.8CVSS8.4AI score0.00892EPSS
Exploits0References10
CNVD
CNVD
added 2018/07/09 12:0 a.m.4 views

Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2018-13459)

Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A SQL injection vulnerability exists in the product/card.php...

9.8CVSS9.8AI score0.01918EPSS
Exploits0References1
OSV
OSV
added 2018/07/08 4:29 p.m.4 views

UBUNTU-CVE-2018-13448

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...

9.8CVSS7.7AI score0.01918EPSS
Exploits0References2
OSV
OSV
added 2018/07/08 4:29 p.m.12 views

CVE-2018-13448

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...

9.8CVSS8.7AI score
Exploits0References1
0day.today
0day.today
added 2015/04/29 12:0 a.m.23 views

OS Solution OSProperty 2.8.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications OS Solution OSProperty 2.8.0 was vulnerable to an unauthenticated SQL injection in the countryid parameter of the request made to retrieve a list of states for a given country. The version was not bumped when the vulnerability was fixed, but i...

7.1AI score
Exploits0
Rows per page
Query Builder