9 matches found
CVE-2018-13448
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...
PT-2024-20134 · Cups Easy · Cups Easy
Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A vulnerability has been reported in Cups Easy Purchase & Inventory whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via...
CVE-2023-6579
A vulnerability, which was classified as critical, has been found in osCommerce 4. Affected by this issue is some unknown functionality of the file /b2b-supermarket/shopping-cart of the component POST Parameter Handler. The manipulation of the argument estimatecountryid leads to sql injection. Th...
osCommerce SQL注入漏洞
osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. An SQL injection vulnerability exists in osCommerce, which originates from the lack of validation of the parameter estimatecountryid in the file /b2b-supermarket/shopping-cart against externally entered...
CVE-2021-36625
An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 fixed version is 14.0.0 via a POST request to the countryid parameter in an UPDATE statement...
UBUNTU-CVE-2021-36625
An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 fixed version is 14.0.0 via a POST request to the countryid parameter in an UPDATE statement...
PT-2022-10528 · Unknown · Dolibarr Erp/Crm
Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM versions prior to 14.0.0 Description: An SQL Injection issue exists via a POST request to the country id parameter in an UPDATE statement. Recommendations: For versions prior to 14.0.0, update to version 14.0.0 to resolve the...
UBUNTU-CVE-2018-13448
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...
CVE-2018-13448
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...