CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

OSV•added 2022/05/24 5:11 p.m.•24 views

GHSA-GFHF-2XR5-2FVW Dolibarr ERP and CRM contain XSS Vulnerability

Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS...

6.1CVSS6.2AI score0.02101EPSS

Exploits1References4

Github Security Blog•added 2022/05/24 5:11 p.m.•31 views

Dolibarr ERP and CRM contain XSS Vulnerability

Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS...

6.1CVSS6.9AI score0.02101EPSS

Exploits1References4Affected Software1

Github Security Blog•added 2022/05/17 3:59 a.m.•19 views

Dolibarr ERP and CRM contain XSS Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in Dolibarr ERP/CRM 3.8.3 allow remote authenticated users to inject arbitrary web script or HTML via the 1 lastname, 2 firstname, 3 email, 4 job, or 5 signature parameter to htdocs/user/card.php...

5.4CVSS5.7AI score0.00222EPSS

Exploits1References7Affected Software1

OSV•added 2022/05/14 1:42 a.m.•12 views

GHSA-3V8X-286H-9PXP Dolibarr stored cross-site scripting (XSS) vulnerability

A stored cross-site scripting XSS vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" POST or "town" POST parameter to user/card.php...

5.4CVSS5.1AI score0.00132EPSS

Exploits0References4

Github Security Blog•added 2022/05/14 1:41 a.m.•16 views

Dolibarr SQL injection vulnerability in user/card.php

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter...

8.8CVSS8.5AI score0.00258EPSS

Exploits0References4Affected Software1

OSV•added 2022/05/14 1:41 a.m.•13 views

GHSA-97JV-2HP6-3FRJ Dolibarr SQL injection vulnerability in user/card.php

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter...

8.8CVSS8.8AI score0.00258EPSS

Exploits0References4

NVD•added 2020/03/16 3:15 p.m.•13 views

CVE-2019-19211

Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS...

6.1CVSS6.2AI score0.02101EPSS

Exploits1References3

OSV•added 2020/03/16 3:15 p.m.•16 views

CVE-2019-19211

Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS...

6.1CVSS6.8AI score

Exploits0References3

Prion•added 2020/03/16 3:15 p.m.•15 views

Cross site scripting

Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS...

4.3CVSS6.2AI score0.02101EPSS

Exploits1References3Affected Software1

UbuntuCve•added 2020/03/16 3:15 p.m.•23 views

CVE-2019-19211

Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue that can lead to user/card.php XSS...

6.1CVSS6.4AI score0.02101EPSS

Exploits1References4

NVD•added 2019/01/03 7:29 p.m.•7 views

CVE-2018-19995

5.4CVSS5AI score0.00132EPSS

Exploits0References2

UbuntuCve•added 2019/01/03 7:29 p.m.•15 views

CVE-2018-19998

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter...

8.8CVSS7.5AI score0.00258EPSS

Exploits0References1

UbuntuCve•added 2019/01/03 7:29 p.m.•9 views

CVE-2018-19995

5.4CVSS6.5AI score0.00132EPSS

Exploits0References3

CVE•added 2019/01/03 7:0 p.m.•41 views

CVE-2018-19998

Dolibarr 8.0.2 contains a SQL injection in user/card.php via the employee parameter, allowing remote authenticated users to execute arbitrary SQL commands. This is reported across multiple feeds (NVD/OSV/CNVD), with CVSS scores up to 8.8 (HIGH) and impact on confidentiality, integrity, and availa...

8.8CVSS8.8AI score0.00258EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/01/03 7:0 p.m.•13 views

CVE-2018-19998

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter...

8.9AI score0.00258EPSS

Exploits0References2

NVD•added 2016/01/15 8:59 p.m.•13 views

CVE-2016-1912

5.4CVSS5.2AI score0.00222EPSS

Exploits1References5

Prion•added 2016/01/15 8:59 p.m.•14 views

Cross site scripting

3.5CVSS5.7AI score0.00222EPSS

Exploits1References5Affected Software1

Cvelist•added 2016/01/15 8:0 p.m.•18 views

CVE-2016-1912