Description
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut_buy parameter.
Remediation
References
Related Vulnerabilities
Oracle Application Server CVE-2009-1976 Vulnerability (CVE-2009-1976)
WebLogic CVE-2016-5531 Vulnerability (CVE-2016-5531)
Apache HTTP Server Other Vulnerability (CVE-2002-2012)
osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-18573)
CrushFTP Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-14038)