| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-9019 | 7.5 |
SQL Injection vulnerability in Dolibarr before version 7.0.2 allows remote attackers to execute arbitrary SQL commands via the sortfield parameter to /accountancy/admin/accountmodel.php, /accountancy/admin/categories_list.php, /accountancy/admin/jour
|
30-01-2021 - 02:36 | 22-05-2018 - 20:29 | |
| CVE-2018-10092 | 6.0 |
The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads.
|
24-08-2020 - 17:37 | 22-05-2018 - 20:29 | |
| CVE-2018-10094 | 7.5 |
SQL injection vulnerability in Dolibarr before 7.0.2 allows remote attackers to execute arbitrary SQL commands via vectors involving integer parameters without quotes.
|
02-07-2018 - 14:14 | 22-05-2018 - 20:29 | |
| CVE-2018-10095 | 4.3 |
Cross-site scripting (XSS) vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php.
|
06-06-2018 - 13:14 | 22-05-2018 - 20:29 |