EPSS score: 0.001 (Low); percentile: 47.1%
Dolibarr ERP/CRM is vulnerable to SQL injection attacks. An attacker is able to execute arbitrary SQL commands via the statut_buy parameter in product/card.php.
github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb