dolibarr versions prior to 3.8.3 suffer from an html injection vulnerability.
15875b200a0e36f8a952cfdef4e70e93f25ab2063a0dce23b85d731ca4060b18
Dolibarr versions 3.5 and 3.6 suffer from an html injection vulnerability.
9f00b2420b60681ea925cc5da4b190b35ab50e4a25ec8237ea484ea6ff025c54
Dolibarr ERP and CRM version 3.5.3 suffers from multiple remote SQL injection vulnerabilities.
28d80b9fc01de763573e26f6295737377269e9e8ba336e578aabd6a7d3558bc6
Dolibarr CMS version 3.5.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
40fff482ae1852b3eb422ccca24b3d40df55a5ff8764cde2d5de7e97d4ac32f5
Dolibarr ERP/CMS version 3.4.0 suffers from a remote SQL injection vulnerability.
17558383b563f3fc59b866cd4454a1c3f1b147cd861e3918baa96316db448057
Dolibarr version 3.2.2 suffers from remote SQL injection and cross site scripting vulnerabilities.
4977770ec83e85ca90681b84ba6e1d6e081db76c85015fbbbae7376d8dd961f6
This Metasploit module exploits a vulnerability found in Dolibarr ERP/CRM's backup feature. This software is used to manage a company's business information such as contacts, invoices, orders, stocks, agenda, etc. When processing a database backup request, the export.php function does not check the input given to the sql_compat parameter, which allows a remote authenticated attacker to inject system commands into it, and then gain arbitrary code execution.
f473f9176eddcff3e9c592e1ef0bfc7d0a0e762392a39abfb965fb4ca8ee9b22
Dolibarr ERP and CRM suffers from an operating system command injection vulnerability. Versions 3.1.1 and below and 3.2.0 and below are affected.
12cbccf9e032e58bbcfb558ce094025f740cd5c49cca609440f370009e6de991
Dolibarr version 3.1.0 RC suffers from cross site scripting and remote SQL injection vulnerabilities.
aef4bbabd3173ece6416b5ba1cd5f7f6dce42fbb854cd7f08f1b53976a504a56
Dolibarr version 3.1.0 suffers from multiple cross site scripting vulnerabilities.
73f62c78744b3f8b4d9c6c84e33979de78be6f662baa3b6b6eae31a30ae282d3
A local file inclusion vulnerability in Dolibarr version 3.0.0 can be exploited to include arbitrary files.
efefe3ea8c6810ee1b670ebdcaa5526092580261c7cc1260a703f0ba6ed0f2ef
A reflected cross site scripting vulnerability in Dolibarr version 3.0.0 can be exploited to execute arbitrary JavaScript.
d40933a490a20ec99376edb8fcfdf191c2b6d3f52c7403f52d814f84aaa0429f