Lucene search
+L

17 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-4502

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00986EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-2385

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.0147EPSS
Exploits1References4
nessus
nessus
added 2025/09/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2020-11825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF attacks. The problem is any CSRF token in any user's session can be used in another user'...

8.8CVSS7.8AI score0.00986EPSS
Exploits1References2
osv
osv
added 2025/04/03 2:4 p.m.53 views

BIT-DOLIBARR-2020-7995

The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts...

10CVSS9.8AI score0.04537EPSS
Exploits4References4
osv
osv
added 2025/04/03 2:4 p.m.6 views

BIT-DOLIBARR-2020-7994

Multiple cross-site scripting XSS vulnerabilities in Dolibarr 10.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 labellibelle parameter to the /htdocs/admin/dict.php?id=3 page; the 2 nameconstname parameter to the /htdocs/admin/const.php?mainmenu=home page; the 3...

6.1CVSS6.2AI score0.0147EPSS
Exploits1References3
prion
prion
added 2020/04/16 7:15 p.m.9 views

Cross site request forgery (csrf)

In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF attacks. The problem is any CSRF token in any user's session can be used in another user's session. CSRF tokens should not be valid in this situation...

6.8CVSS8.7AI score0.00986EPSS
Exploits1References1Affected Software1
ubuntucve
ubuntucve
added 2020/04/16 7:15 p.m.17 views

CVE-2020-11825

In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF attacks. The problem is any CSRF token in any user's session can be used in another user's session. CSRF tokens should not be valid in this situation...

8.8CVSS7.2AI score0.00986EPSS
Exploits1References2
nvd
nvd
added 2020/01/26 11:15 p.m.26 views

CVE-2020-7995

The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts...

10CVSS9.6AI score0.04537EPSS
Exploits4References3
nvd
nvd
added 2020/01/26 11:15 p.m.20 views

CVE-2020-7994

Multiple cross-site scripting XSS vulnerabilities in Dolibarr 10.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 labellibelle parameter to the /htdocs/admin/dict.php?id=3 page; the 2 nameconstname parameter to the /htdocs/admin/const.php?mainmenu=home page; the 3...

6.1CVSS6.1AI score0.0147EPSS
Exploits1References2
nvd
nvd
added 2020/01/26 11:15 p.m.26 views

CVE-2020-7996

htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header...

6.1CVSS6AI score0.01152EPSS
Exploits1References2
osv
osv
added 2020/01/26 11:15 p.m.15 views

CVE-2020-7995

The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts...

9.8CVSS7AI score
Exploits0References3
osv
osv
added 2020/01/26 11:15 p.m.12 views

CVE-2020-7994

Multiple cross-site scripting XSS vulnerabilities in Dolibarr 10.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 labellibelle parameter to the /htdocs/admin/dict.php?id=3 page; the 2 nameconstname parameter to the /htdocs/admin/const.php?mainmenu=home page; the 3...

6.1CVSS5.9AI score
Exploits0References2
ubuntucve
ubuntucve
added 2020/01/26 11:15 p.m.17 views

CVE-2020-7996

htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header...

6.1CVSS6.3AI score0.01152EPSS
Exploits1References3
osv
osv
added 2020/01/26 11:15 p.m.5 views

UBUNTU-CVE-2020-7994

Multiple cross-site scripting XSS vulnerabilities in Dolibarr 10.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 labellibelle parameter to the /htdocs/admin/dict.php?id=3 page; the 2 nameconstname parameter to the /htdocs/admin/const.php?mainmenu=home page; the 3...

6.1CVSS5.8AI score0.0147EPSS
Exploits1References4
cvelist
cvelist
added 2020/01/26 10:44 p.m.18 views

CVE-2020-7994

Multiple cross-site scripting XSS vulnerabilities in Dolibarr 10.0.6 allow remote attackers to inject arbitrary web script or HTML via the 1 labellibelle parameter to the /htdocs/admin/dict.php?id=3 page; the 2 nameconstname parameter to the /htdocs/admin/const.php?mainmenu=home page; the 3...

6.1AI score0.0147EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2020/01/26 12:0 a.m.6 views

PT-2020-19906 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 10.0.6 Description: The issue concerns the htdocs/index.php?mainmenu=home login page, which allows an unlimited rate of failed authentication attempts. This could potentially lead to brute-force attacks. Recommendations: For...

10CVSS7.1AI score0.04537EPSS
Exploits4References13
ptsecurity
ptsecurity
added 2020/01/26 12:0 a.m.6 views

PT-2020-19907 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 10.0.6 Description: The issue allows for XSS via the Referer HTTP header in the htdocs/user/passwordforgotten.php file. Recommendations: For Dolibarr version 10.0.6, consider disabling access to the...

6.1CVSS5.9AI score0.01152EPSS
Exploits1References11
Rows per page
Query Builder