Dolibarr ERP/CRM SQL Injection Vulnerability (CNVD-2022-85108)

Dolibarr ERP/CRM is a web-based enterprise resource planning (ERP) and customer relationship management (CRM) system from the French Dolibarr Foundation. The system can be used to manage products, inventory, invoices, orders, etc. A SQL injection vulnerability exists in Dolibarr ERP/CRM, which stems from the fact that a POST request for the country_id parameter in the UPDATE statement may lead to SQL injection. No detailed vulnerability details are currently available.