2 matches found
CVE-2020-14475
A reflected cross-site scripting XSS vulnerability in Dolibarr 11.0.3 allows remote attackers to inject arbitrary web script or HTML into public/notice.php related to transphrase and transkey...
CVE-2020-14443
A SQL injection vulnerability in accountancy/customer/card.php in Dolibarr 11.0.3 allows remote authenticated users to execute arbitrary SQL commands via the id parameter...