Description Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter. Remediation References CVE-2017-7886 Related Vulnerabilities WordPress Plugin User Domain Whitelist Multiple Vulnerabilities (1.4) Django Improper Certificate Validation Vulnerability (CVE-2020-13254) WordPress Plugin AccessPress Social Login Lite-Social Login WordPress includes Backdoor [Only if downloaded via the vendor website] (3.4.7) WordPress Plugin EZP Coming Soon Page Cross-Site Scripting (1.0.0) Oracle Database Server CVE-2006-5333 Vulnerability (CVE-2006-5333) Severity Critical Classification CVE-2017-7886 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities