Lucene search
K

4 matches found

securityvulns
securityvulns
added 2014/12/01 12:0 a.m.91 views

CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM

Vulnerability title: Multiple SQL Injections in Dolibarr ERP & CRM CVE: CVE-2014-7137 Vendor: Dolibarr ERP & CRM Product: Dolibarr ERP & CRM Affected version: 3.5.3 Fixed version: 3.6.1 Reported by: Jerzy Kramarz Details: SQL injection has been found and confirmed within the software as an...

6.5CVSS6.8AI score0.01698EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2014/11/21 3:59 p.m.36 views

CVE-2014-7137

Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the 1 contactid parameter in an addcontact action, 2 ligne parameter in a swapstatut action, or 3 projectref parameter to projet/tasks/contact.php; 4 line...

6.5CVSS6.2AI score0.01698EPSS
Exploits3References1
CVE
CVE
added 2014/11/21 3:0 p.m.65 views

CVE-2014-7137

CVE-2014-7137 covers multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1. An authenticated user could exploit numerous parameters across modules (e.g., product/stock/fiche.php; projet/tasks/contact.php; compta/prelevement/liste.php; holiday/index.php; etc.) to execute arbitrar...

6.5CVSS8.2AI score0.01698EPSS
Exploits3References5Affected Software1
0day.today
0day.today
added 2014/11/20 12:0 a.m.47 views

Dolibarr ERP And CRM 3.5.3 SQL Injection Vulnerability

Dolibarr ERP and CRM version 3.5.3 suffers from multiple remote SQL injection vulnerabilities. Vulnerability title: Multiple SQL Injections in Dolibarr ERP & CRM CVE: CVE-2014-7137 Vendor: Dolibarr ERP & CRM Product: Dolibarr ERP & CRM Affected version: 3.5.3 Fixed version: 3.6.1 Reported by: Jer...

6.5CVSS7.8AI score0.01698EPSS
Exploits3
Rows per page
Query Builder