Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

ERP

Dolibarr

Dolibarr is a software built by modules addition to manage small or medium companies freelancers or foundations. Dolibarr is an OpenSource project base on a WAMP MAMP or LAMP server.

Official Site:

https://www.dolibarr.org/

Severity Summary:

Critical: 28 High: 29 Medium: 63
Reference
Title
Severity
CVE-2017-9840
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2019-11201
Dolibarr Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2019-11200
Dolibarr Vulnerability
High
CVE-2019-19209
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2017-9839
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2017-18260
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2020-35136
Dolibarr Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability
High
CVE-2012-1225
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2021-25957
Dolibarr Weak Password Recovery Mechanism for Forgotten Password Vulnerability
High
CVE-2020-11825
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2023-4197
Dolibarr Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
High
CVE-2017-14240
Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2022-0819
Dolibarr Improper Control of Generation of Code (Code Injection) Vulnerability
High
CVE-2021-37517
Dolibarr Incorrect Authorization Vulnerability
High
CVE-2021-36625
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2020-14443
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2023-30253
Dolibarr Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
High
CVE-2023-33568
Dolibarr Files or Directories Accessible to External Parties Vulnerability
High
CVE-2023-38887
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2023-38886
Dolibarr Vulnerability
High
CVE-2020-12669
Dolibarr Incorrect Authorization Vulnerability
High
CVE-2020-14209
Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability
High
CVE-2018-10092
Dolibarr Missing Authorization Vulnerability
High
CVE-2017-17898
Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
High
CVE-2018-19998
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2018-19994
Dolibarr Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
High
CVE-2019-1010054
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2022-30875
Dolibarr Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-19993
Dolibarr Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-0414
Dolibarr Other Vulnerability
Medium