Lucene search
Veracode Vulnerability DatabaseVERACODE:8109HistoryJan 04, 2019 - 2:00 a.m.
SQL Injection
2019-01-0402:00:12
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
44.6%
dolibarr/dolibarr is vulnerable to SQL injection. A lack of validation on the desiredstock parameter in product/card.php allows a remote authenticated attacker to execute arbitrary SQL commands via an error-based SQL injection vulnerability. This vulnerability could potentially allow for remote code execution if there is write permission in the directory within the web root.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dolibarr/dolibarr | le | 8.0.3 | |
| dolibarr/dolibarr | le | 8.0.3 |
Related
ubuntucve
ubuntucve
CVE-2018-19994
2019-01-03 00:00:00
nvd
nvd
CVE-2018-19994
2019-01-03 19:29:01
cvelist
cvelist
CVE-2018-19994
2019-01-03 19:00:00
prion
prion
Sql injection
2019-01-03 19:29:00
cve
cve
CVE-2018-19994
2019-01-03 19:29:01
osv
osv
CVE-2018-19994
2019-01-03 19:29:01
Dolibarr error-based SQL injection vulnerability in product/card.php
2022-05-14 01:42:07
github
github
Dolibarr error-based SQL injection vulnerability in product/card.php
2022-05-14 01:42:07
openvas
openvas
Dolibarr < 8.0.4 Multiple Vulnerabilities
2019-01-04 00:00:00