EUVD-2012-1251

Malware in sbrugna...

CVE-2012-1225

Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 memberslist parameter aka Member List in list.php or 2 rowid parameter to adherents/fiche.php...

Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities

No description provided by source. Vulnerability Name: SQL injection Severity: Critical URL: http://localhost/dolibarr/user/fiche.php Affected Users: All authenticated users Issue details: The "entity" parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in th...

Dolibarr CMS 3.5.3 SQL Injection / Cross Site Scripting

Vulnerability Name: SQL injection Severity: Critical URL: http://localhost/dolibarr/user/fiche.php Affected Users: All authenticated users Issue details: The "entity" parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the entity parameter, and a database...

Dolibarr CMS 3.5.3 - Multiple Security Vulnerabilities

Exploit for php platform in category web applications Vulnerability Name: SQL injection Severity: Critical URL: http://localhost/dolibarr/user/fiche.php Affected Users: All authenticated users Issue details: The "entity" parameter appears to be vulnerable to SQL injection attacks. A single quote...

Dolibarr CMS 3.2.0 - Alpha - File Include Vulnerabilities

No description provided by source. Title: ====== Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities Date: ===== 2012-02-07 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=428 VL-ID: ===== 428 Introduction: ============= Dolibarr ERP & CRM is a modern software to...

CVE-2012-1225

Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 memberslist parameter aka Member List in list.php or 2 rowid parameter to adherents/fiche.php...

CVE-2012-1226

Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. dot dot in the 1 file parameter to document.php or 2 backtopage parameter in a create action to comm/action/fiche.php...

Sql injection

Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 memberslist parameter aka Member List in list.php or 2 rowid parameter to adherents/fiche.php...

Directory traversal

Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. dot dot in the 1 file parameter to document.php or 2 backtopage parameter in a create action to comm/action/fiche.php...

UBUNTU-CVE-2012-1225

Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 memberslist parameter aka Member List in list.php or 2 rowid parameter to adherents/fiche.php...

CVE-2012-1225

Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 memberslist parameter aka Member List in list.php or 2 rowid parameter to adherents/fiche.php...

PT-2012-3149 · Dolibarr · Dolibarr Cms

Name of the Vulnerable Software and Affected Versions: Dolibarr CMS version 3.2.0 Alpha Description: The issue allows remote attackers to read arbitrary files and possibly execute arbitrary code via a .. dot dot in the file parameter to "document.php" or backtopage parameter in a create action to...

CVE-2012-1225

Dolibarr CMS up to version 3.2.0 Alpha and earlier is affected by multiple SQL injection vulnerabilities that allow remote authenticated users to execute arbitrary SQL commands via two endpoints: list.php with the memberslist parameter and adherents/fiche.php with the rowid parameter. Root cause ...

PT-2012-3148 · Dolibarr · Dolibarr Cms

Name of the Vulnerable Software and Affected Versions: Dolibarr CMS versions 3.2.0 Alpha and earlier Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the memberslist parameter in list.php or the rowid parameter in...

CVE-2012-1225

Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the 1 memberslist parameter aka Member List in list.php or 2 rowid parameter to adherents/fiche.php...

CVE-2012-1226

Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. dot dot in the 1 file parameter to document.php or 2 backtopage parameter in a create action to comm/action/fiche.php...

CVE-2012-1226

Dolibarr ERP/CRM 3.2 Alpha is affected by multiple directory traversal vulnerabilities exposed via the file parameter in document.php and the backtopage parameter in a create action to comm/action/fiche.php. The root cause is improper handling of the .. path traversal which can allow remote attac...

Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities

Title: ====== Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities Date: ===== 2012-02-07 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=428 VL-ID: ===== 428 Introduction: ============= Dolibarr ERP & CRM is a modern software to manage your company or foundation...

Dolibarr CMS 3.2.0 Alpha SQL Injection

Title: ====== Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities Date: ===== 2012-02-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=427 VL-ID: ===== 427 Introduction: ============= Dolibarr ERP & CRM is a modern software to manage your company or foundation...