Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

ERP

Dolibarr

Dolibarr is a software built by modules addition to manage small or medium companies freelancers or foundations. Dolibarr is an OpenSource project base on a WAMP MAMP or LAMP server.

Official Site:

https://www.dolibarr.org/

Severity Summary:

Critical: 31 High: 38 Medium: 65
Reference
Title
Severity
CVE-2019-19212
Dolibarr Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Critical
CVE-2023-30253
Dolibarr Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2019-11200
Dolibarr Vulnerability
High
CVE-2017-9839
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2017-18260
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2020-35136
Dolibarr Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability
High
CVE-2019-19209
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2021-25957
Dolibarr Weak Password Recovery Mechanism for Forgotten Password Vulnerability
High
CVE-2021-25956
Dolibarr Improper Authentication Vulnerability
High
CVE-2022-0819
Dolibarr Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2021-37517
Dolibarr Incorrect Authorization Vulnerability
High
CVE-2021-36625
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2020-11825
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2020-12669
Dolibarr Incorrect Authorization Vulnerability
High
CVE-2019-1010054
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2019-11201
Dolibarr Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2023-38887
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2023-38886
Dolibarr Vulnerability
High
CVE-2023-4197
Dolibarr Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2024-29477
Dolibarr Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2020-14443
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2024-37821
Dolibarr Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2024-31503
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2025-56588
Dolibarr Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2019-25452
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2019-25450
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2026-31019
Dolibarr Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2026-31018
Dolibarr Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2026-22666
Dolibarr Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2025-67486
Dolibarr Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High