8 matches found
Dolibarr ERPCRM 3.5.3 - Multiple Vulnerabilities
Vulnerability Name: SQL injection
Severity: Critical
URL: http://localhost/dolibarr/user/fiche.php
Affected Users: All authenticated users
Issue details: The "entity" parameter appears to be vulnerable to SQL injection attacks. A single quote was...
Dolibarr ERPCRM 3.4.0 - exportcsv.php?sondage SQL Injection
Exploit Title: Dolibarr 3.4.0 SQLi
Date: 10/7/2013
Exploit author: drone @dronesec
More information: http://forelsec.blogspot.com/2013/10/dolibarr-340-multiple-vulnerabilities.html
Vendor homepage: http://www.dolibarr.org/
Software link:...
Dolibarr ERPCRM 3.x - adherentsfiche.php SQL Injection
source: https://www.securityfocus.com/bid/51956/info
Dolibarr is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...
Dolibarr ERPCRM 3.1 - Multiple Script URI Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/50777/info
Dolibarr is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in...
Dolibarr ERPCRM 3.1.0 - userindex.php Multiple SQL Injections
source: https://www.securityfocus.com/bid/50777/info
Dolibarr is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generate...
Dolibarr ERPCRM 3.1.0 - adminboxes.php?rowid SQL Injection
source: https://www.securityfocus.com/bid/50777/info
Dolibarr is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated...
Dolibarr ERPCRM 3.1.0 - userinfo.php?id SQL Injection
source: https://www.securityfocus.com/bid/50777/info
Dolibarr is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated conten...
Dolibarr ERPCRM 3.0 - Local File Inclusion Cross-Site Scripting
source: https://www.securityfocus.com/bid/47542/info
Dolibarr is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit...