CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-3314

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.00199EPSS

Exploits1References3

Github Security Blog•added 2022/05/24 4:50 p.m.•10 views

Dolibarr Cross Site Scripting (XSS)

Dolibarr 6.0.4 is affected by: Cross Site Scripting XSS. The impact is: Cookie stealing. The component is: htdocs/product/stats/card.php. The attack vector is: Victim must click a specially crafted link sent by the attacker...

6.1CVSS6.7AI score0.00199EPSS

Exploits1References3Affected Software1

OSV•added 2022/05/14 3:23 a.m.•10 views

GHSA-726G-CGCQ-4XW8 Dolibarr Cross-Site Scripting (XSS) vulnerability

Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting XSS vulnerabilities in versions before 5.0.4: index.php leftmenu parameter, core/ajax/box.php PATHINFO, product/stats/card.php type parameter, holiday/list.php monthcreate, monthstart, and monthend parameters, and don/card.ph...

5.4CVSS5.7AI score0.00185EPSS

Exploits1References3

Veracode•added 2019/07/15 7:45 a.m.•9 views

Cross-site Scripting (XSS)

dolibarr/dolibarr is vulnerable to cross-site scripting XSS. The GETPOST functions in htdocs/product/stats/card.php for example for id parameter are not properly validated, allowing an attacker to inject an arbitrary script which will send a specifically crafted link to the user to steal users'...

6.1CVSS5.8AI score0.00199EPSS

Exploits1References1Affected Software1