4 matches found
CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM
Vulnerability title: Multiple SQL Injections in Dolibarr ERP & CRM CVE: CVE-2014-7137 Vendor: Dolibarr ERP & CRM Product: Dolibarr ERP & CRM Affected version: 3.5.3 Fixed version: 3.6.1 Reported by: Jerzy Kramarz Details: SQL injection has been found and confirmed within the software as an...
CVE-2014-7137
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the 1 contactid parameter in an addcontact action, 2 ligne parameter in a swapstatut action, or 3 projectref parameter to projet/tasks/contact.php; 4 line...
CVE-2014-7137
CVE-2014-7137 covers multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1. An authenticated user could exploit numerous parameters across modules (e.g., product/stock/fiche.php; projet/tasks/contact.php; compta/prelevement/liste.php; holiday/index.php; etc.) to execute arbitrar...
Dolibarr ERP And CRM 3.5.3 SQL Injection Vulnerability
Dolibarr ERP and CRM version 3.5.3 suffers from multiple remote SQL injection vulnerabilities. Vulnerability title: Multiple SQL Injections in Dolibarr ERP & CRM CVE: CVE-2014-7137 Vendor: Dolibarr ERP & CRM Product: Dolibarr ERP & CRM Affected version: 3.5.3 Fixed version: 3.6.1 Reported by: Jer...