logo

Database

SQL injection - Code In dolibarr/dolibarr

Description

Dolibarr SQL injection vulnerability Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter).

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2017-182602. NVD-2017-182603. OSV-2017-182604. GCVE-2017-18260

References

1. https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-010

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.