logo

Database

SQL injection - Code In dolibarr/dolibarr

Description

Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version

Aliases

1. CVE-2017-78862. NVD-2017-78863. OSV-2017-78864. GCVE-2017-7886

References

1. https://www.foxmole.com/advisories/foxmole-2017-02-23.txt

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.