WEB APPLICATION VULNERABILITIES Standard & Premium

Dolibarr Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-19209)

Description

Dolibarr ERP/CRM before 10.0.3 allows SQL Injection.

Remediation

References

Related Vulnerabilities

Roundcube Cross-site Scripting (XSS) Vulnerability (CVE-2015-8864)

MySQL Observable Discrepancy Vulnerability (CVE-2019-1559)

OpenSSL Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-3711)

Plone CMS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-5500)

Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-5720)

Severity

High

Classification

CVE-2019-19209 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities