Description
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut_buy parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Caret Country Access Limit Cross-Site Scripting (1.0.1)
Joomla! Core 1.6.0 Multiple Vulnerabilities (1.6.0)
WordPress Plugin Admin Columns CSV Injection (3.4.6)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-17081)
WordPress Plugin Gallery-Flagallery Photo Portfolio Information Disclosure (4.24)