[CRITICAL] Dolibarr SQL injection via the integer parameters qty and value_unit

PKSA-zrs7-fc3k-cxwq CVE-2018-16809 GHSA-h34q-878w-w96r

Affected package: dolibarr/dolibarr

Affected version: >=3.8,<=7.0.0

Reported by:
GitHub