Description Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter. Remediation References CVE-2017-7886 Related Vulnerabilities Drupal CVE-2017-6919 Vulnerability (CVE-2017-6919) PHP Out-of-bounds Write Vulnerability (CVE-2019-11043) WordPress 3.5.1 Multiple Vulnerabilities (2.0 - 3.5.1) WordPress Plugin WordPress-Amazon-Associate (WPAA) Multiple Cross-Site Scripting Vulnerabilities (1.7.3) WordPress Plugin WP ULike Multiple Vulnerabilities (3.1) Severity Critical Classification CVE-2017-7886 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities