Description
SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in fiche.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin ZoomSounds-WordPress Wave Audio Player with Playlist Directory Traversal (6.45)
Sqlite Out-of-bounds Read Vulnerability (CVE-2021-31239)
WordPress Plugin All-in-One WP Migration Multiple Cross-Site Request Forgery Vulnerabilities (7.1)
WordPress Plugin Appointment Booking Calendar Cross-Site Scripting (1.3.18)
WordPress Plugin Gantry 4 Framework Cross-Site Scripting (4.1.5)