dolibarr/dolibarr Security Advisories for 14.0.1 (19)
-
[HIGH] Dolibarr vulnerable to Cross-Site Request Forgery
PKSA-8w8y-vz41-dcws CVE-2024-31503 GHSA-6ppg-rgrg-f573
Affected version: <=19.0.0
Reported by:
GitHub -
[MEDIUM] Dolibarr ERP CRM Code Injection vulnerability during installation
PKSA-2sjx-71hq-ptft CVE-2024-29477 GHSA-p73x-rpgm-3v56
Affected version: <=19.0.0
Reported by:
GitHub -
[HIGH] Dolibarr Improper Input Validation vulnerability
PKSA-q6zm-sspk-cc66 CVE-2023-4197 GHSA-r9cm-pw9j-3fpx
Affected version: <18.0.2
Reported by:
GitHub -
[MEDIUM] Dolibarr Improper Input Validation vulnerability
PKSA-r9vt-swsb-3xhm CVE-2023-4198 GHSA-48v2-596x-4jr9
Affected version: <18.0.0
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting (XSS) in dolibarr/dolibarr
PKSA-zjx2-p78q-wn3y CVE-2023-5842 GHSA-9pjf-jw9q-fx49
Affected version: <16.0.5
Reported by:
GitHub -
[MEDIUM] Dolibarr Cross-site Scripting vulnerability
PKSA-5n9n-kh2g-xmcr CVE-2023-5323 GHSA-39m3-cj8c-886r
Affected version: <18.0.0
Reported by:
GitHub -
[HIGH] Dolibarr allows a remote privileged attacker to execute arbitrary code via a crafted command/script
PKSA-bjh3-pcty-gzfv CVE-2023-38886 GHSA-6773-rfjv-c54w
Affected version: <17.0.1
Reported by:
GitHub -
[HIGH] File Upload vulnerability in Dolibarr ERP CRM
PKSA-z8ry-v62w-xzbn CVE-2023-38887 GHSA-g8h7-mcp6-pf47
Affected version: <17.0.1
Reported by:
GitHub -
[CRITICAL] Cross Site Scripting vulnerability in Dolibarr ERP CRM
PKSA-88m8-v3s6-zj4m CVE-2023-38888 GHSA-62wf-h26v-5m57
Affected version: <17.0.1
Reported by:
GitHub -
[HIGH] Dolibarr vulnerable to remote code execution via uppercase manipulation
PKSA-vjp5-yqyb-hsw9 CVE-2023-30253 GHSA-9wqr-5jp4-mjmh
Affected version: <17.0.1
Reported by:
GitHub -
[CRITICAL] Dolibarr vulnerable to Eval Injection
PKSA-mbfz-b6r1-yyjp CVE-2022-40871 GHSA-7cm4-vmf2-8wf2
Affected version: <=15.0.3
Reported by:
GitHub -
[MEDIUM] Cross site scripting in dolibarr
PKSA-nbwd-xphp-dm3x CVE-2022-2060 GHSA-8fvr-7945-mg7w
Affected version: <16.0
Reported by:
GitHub -
[HIGH] Code injection in dolibarr/dolibarr
PKSA-c6vz-7ss1-46ss CVE-2022-0819 GHSA-42qm-c3cf-9wv2
Affected version: <15.0.1
Reported by:
GitHub -
[MEDIUM] Logic error in dolibarr/dolibarr
PKSA-n91r-qpfg-6986 CVE-2022-0746 GHSA-8vq6-5f66-hp3r
Affected version: <16.0
Reported by:
GitHub -
[MEDIUM] Improper Authorization in dolibarr/dolibarr
PKSA-grdq-s436-n3jz CVE-2022-0731 GHSA-4xc7-x2jr-cr74
Affected version: <16.0
Reported by:
GitHub -
[MEDIUM] Dolibarr vulnerable to Improper Validation of Specified Quantity in Input
PKSA-8bmy-9syy-8jvn CVE-2022-0414 GHSA-f768-8pvq-mm6r
Affected version: <=14.0.5
Reported by:
GitHub -
[HIGH] SQL Injection in dolibarr
PKSA-w8dx-f6mj-mt46 CVE-2022-0224 GHSA-j545-frh3-r9gq
Affected version: <=14.0.5
Reported by:
GitHub -
[MEDIUM] Logic error in dolibarr
PKSA-sc5b-g3wj-xw57 CVE-2022-0174 GHSA-8qvx-f5gf-g43v
Affected version: <15.0.0
Reported by:
GitHub -
[MEDIUM] Dolibarr Cross Site Scripting (XSS) vulnerability
PKSA-g9bb-rfmc-9cbr CVE-2021-42220 GHSA-jqfp-m5f8-vg28
Affected version: <14.0.3
Reported by:
GitHub