Security Advisories - dolibarr/dolibarr

dolibarr/dolibarr Security Advisories for 6.0.3 (37)

Dolibarr allows a remote privileged attacker to execute arbitrary code via a crafted command/script

CVE-2023-38886

Affected version: <17.0.1

Reported by:
GitHub
File Upload vulnerability in Dolibarr ERP CRM

CVE-2023-38887

Affected version: <17.0.1

Reported by:
GitHub
Cross Site Scripting vulnerability in Dolibarr ERP CRM

CVE-2023-38888

Affected version: <17.0.1

Reported by:
GitHub
Dolibarr vulnerable to remote code execution via uppercase manipulation

CVE-2023-30253

Affected version: <17.0.1

Reported by:
GitHub
Dolibarr vulnerable to privilege escalation

CVE-2022-43138

Affected version: <14.0.1

Reported by:
GitHub
Dolibarr vulnerable to Eval Injection

CVE-2022-40871

Affected version: <=15.0.3

Reported by:
GitHub
Cross site scripting in dolibarr

CVE-2022-2060

Affected version: <16.0

Reported by:
GitHub
Dolibarr ERP and CRM contain XSS Vulnerability

CVE-2021-33618

Affected version: <=13.0.2

Reported by:
GitHub
Dolibarr CRM allows Privilege Escalation

CVE-2020-14201

Affected version: <11.0.5

Reported by:
GitHub
Dolibarr Cross-Site Request Forgery Vulnerability

CVE-2020-11825

Affected version: <=10.0.6

Reported by:
GitHub
Dolibarr ERP and CRM contain XSS Vulnerability

CVE-2019-19211

Affected version: <10.0.3

Reported by:
GitHub
Dolibarr ERP and CRM contain XSS Vulnerability

CVE-2019-19210

Affected version: <10.0.3

Reported by:
GitHub
Dolibarr ERP and CRM SQLi

CVE-2019-19209

Affected version: <10.0.3

Reported by:
GitHub
Dolibarr ERP and CRM contain XSS Vulnerability

CVE-2020-9016

Affected version: <=11.0.0

Reported by:
GitHub
Dolibarr ERP and CRM contain XSS Vulnerability

CVE-2019-19206

Affected version: <=10.0.3

Reported by:
GitHub
Dolibarr ERP and CRM HTML Injection

CVE-2019-17223

Affected version: <11.0.1

Reported by:
GitHub
Dolibarr ERP and CRM Code Injection

CVE-2019-11201

Affected version: <=9.0.1

Reported by:
GitHub
Dolibarr ERP and CRM malicious executable loading

CVE-2019-11200

Affected version: <9.0.3

Reported by:
GitHub
Dolibarr ERP and CRM contain XSS Vulnerability

CVE-2017-17971

Affected version: <=6.0.4

Reported by:
GitHub
Dolibarr ERP and CRM contain XSS Vulnerability

CVE-2017-18259

Affected version: <=7.0.0

Reported by:
GitHub
Dolibarr ERP and CRM contain XSS Vulnerability

CVE-2018-19799

Affected version: <=8.0.3

Reported by:
GitHub
Access Control vulnerability in Dolibarr

CVE-2021-37517

Affected version: <14.0.1

Reported by:
GitHub
SQL Injection in Dolibarr

CVE-2021-36625

Affected version: <14.0.0

Reported by:
GitHub
Code injection in dolibarr/dolibarr

CVE-2022-0819

Affected version: <15.0.1

Reported by:
GitHub
Logic error in dolibarr/dolibarr

CVE-2022-0746

Affected version: <16.0

Reported by:
GitHub
Improper Authorization in dolibarr/dolibarr

CVE-2022-0731

Affected version: <16.0

Reported by:
GitHub
Dolibarr vulnerable to Improper Validation of Specified Quantity in Input

CVE-2022-0414

Affected version: <=14.0.5

Reported by:
GitHub
SQL Injection in dolibarr

CVE-2022-0224

Affected version: <=14.0.5

Reported by:
GitHub
Logic error in dolibarr

CVE-2022-0174

Affected version: <15.0.0

Reported by:
GitHub
Cross site scripting in dolibarr

CVE-2022-22293

Affected version: <13.0.0

Reported by:
GitHub
Dolibarr vulnerable to Improper Authentication and Improper Access Control

CVE-2021-25956

Affected version: >=3.3.beta1,<13.0.2

Reported by:
GitHub
Weak Password Recovery Mechanism for Forgotten Password

CVE-2021-25957

Affected version: <14.0.0

Reported by:
GitHub
Dolibarr Cross-site Scripting vulnerability

CVE-2021-25955

Affected version: >=2.8.1,<=13.0.2

Reported by:
GitHub
Improper Access Control in Dolibarr

CVE-2021-25954

Affected version: >=2.8.1,<14.0.0

Reported by:
GitHub
XSS in Dolibarr

CVE-2020-13094

Affected version: <11.0.4

Reported by:
GitHub
XSS in Dolibarr ERP & CRM

CVE-2020-7996

Affected version: <=10.0.6

Reported by:
GitHub
Cross-site scripting in Dolibarr

CVE-2019-16197

Affected version: <10.0.2

Reported by:
GitHub