14 matches found
EUVD-2009-4540
Malware in sbrugna...
EUVD-2022-4497
Malicious code in bioql PyPI...
GHSA-M5RG-G6F9-8WPW Dolibarr SQL injection vulnerability in product/card.php
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...
Dolibarr SQL injection vulnerability in product/card.php
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...
SQL Injection
dolibarr/dolibarr is vulnerable to SQL Injection attacks. The vulnerability exists due to lack of sanitization in the UPDATE statement which allows a malicious attacker to execute arbitrary SQL queries on countryid parameter...
Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2022-85108)
Dolibarr ERP/CRM is a web-based enterprise resource planning ERP and customer relationship management CRM system from the French Dolibarr Foundation. The system can be used to manage products, inventory, invoices, orders, etc. A SQL injection vulnerability exists in Dolibarr ERP/CRM, which stems...
CVE-2021-36625
An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 fixed version is 14.0.0 via a POST request to the countryid parameter in an UPDATE statement...
CVE-2018-13448
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...
Sql injection
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...
CVE-2018-13448
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...
CVE-2018-13448
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the countryid parameter...
OS Solution OSProperty 2.8.0 - SQL Injection
OS Solution OSProperty 2.8.0 was vulnerable to an unauthenticated SQL injection in the countryid parameter of the request made to retrieve a list of states for a given country. The version was not bumped when the vulnerability was fixed, but if you download after April 27th, you downloaded a fixe...
CVE-2009-4574
SQL injection vulnerability in countryescorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the countryid parameter...
Sql injection
SQL injection vulnerability in countryescorts.php in I-Escorts Directory Script allows remote attackers to execute arbitrary SQL commands via the countryid parameter...