Description
Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php.
Remediation
References
Related Vulnerabilities
Ruby on Rails Improper Access Control Vulnerability (CVE-2015-7577)
MySQL CVE-2016-0502 Vulnerability (CVE-2016-0502)
SharePoint CVE-2022-38053 Vulnerability (CVE-2022-38053)
WordPress 3.4 Multiple Vulnerabilities (3.4)
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1024)