Lucene search
+L

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:12 a.m.8 views

CVE-2018-13448

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...

9.8CVSS8.7AI score0.01918EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.10 views

PT-2024-20134 · Cups Easy · Cups Easy

Name of the Vulnerable Software and Affected Versions: Cups Easy Purchase & Inventory version 1.0 Description: A vulnerability has been reported in Cups Easy Purchase & Inventory whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via...

8.2CVSS6.1AI score0.00399EPSS
Exploits0References6
OSV
OSV
added 2023/12/07 10:15 p.m.7 views

CVE-2023-6579

A vulnerability, which was classified as critical, has been found in osCommerce 4. Affected by this issue is some unknown functionality of the file /b2b-supermarket/shopping-cart of the component POST Parameter Handler. The manipulation of the argument estimatecountryid leads to sql injection. Th...

9.8CVSS5.7AI score
Exploits0References3
CNNVD
CNNVD
added 2023/12/07 12:0 a.m.5 views

osCommerce SQL注入漏洞

osCommerce is an open source online shopping e-commerce solution based on the GNUGPL license. An SQL injection vulnerability exists in osCommerce, which originates from the lack of validation of the parameter estimatecountryid in the file /b2b-supermarket/shopping-cart against externally entered...

9.8CVSS8AI score0.23846EPSS
Exploits3References4
ATTACKERKB
ATTACKERKB
added 2022/03/31 6:15 p.m.2 views

CVE-2021-36625

An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 fixed version is 14.0.0 via a POST request to the countryid parameter in an UPDATE statement...

8.8CVSS7.3AI score0.00892EPSS
Exploits0References2
OSV
OSV
added 2022/03/31 6:15 p.m.4 views

UBUNTU-CVE-2021-36625

An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 fixed version is 14.0.0 via a POST request to the countryid parameter in an UPDATE statement...

8.8CVSS6AI score0.00892EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/03/31 12:0 a.m.2 views

PT-2022-10528 · Unknown · Dolibarr Erp/Crm

Name of the Vulnerable Software and Affected Versions: Dolibarr ERP/CRM versions prior to 14.0.0 Description: An SQL Injection issue exists via a POST request to the country id parameter in an UPDATE statement. Recommendations: For versions prior to 14.0.0, update to version 14.0.0 to resolve the...

8.8CVSS8.4AI score0.00892EPSS
Exploits0References10
OSV
OSV
added 2018/07/08 4:29 p.m.4 views

UBUNTU-CVE-2018-13448

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...

9.8CVSS7.7AI score0.01918EPSS
Exploits0References2
OSV
OSV
added 2018/07/08 4:29 p.m.13 views

CVE-2018-13448

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...

9.8CVSS8.7AI score
Exploits0References1
Rows per page
Query Builder