Lucene search
GoogleOSV:GHSA-57WJ-22W9-WM9RHistoryMay 14, 2022 - 3:15 a.m.
Dolibarr SQL injection vulnerability
2022-05-1403:15:06
Google
osv.dev
8
dolibarr
sql injection
vulnerability
remote attackers
arbitrary commands
integer parameters.
SQL injection vulnerability in Dolibarr before 7.0.2 allows remote attackers to execute arbitrary SQL commands via vectors involving integer parameters without quotes.
References
www.openwall.com/lists/oss-security/2018/05/21/1
github.com/Dolibarr/dolibarr
github.com/Dolibarr/dolibarr/blob/7.0.2/ChangeLog
github.com/Dolibarr/dolibarr/commit/7ade4e37f24d6859987bb9f6232f604325633fdd
nvd.nist.gov/vuln/detail/CVE-2018-10094
sysdream.com/news/lab/2018-05-21-cve-2018-10094-dolibarr-sql-injection-vulnerability
www.exploit-db.com/exploits/44805
Related
zdt
zdt
Dolibarr 7.0.0 - SQL Injection Vulnerability
2018-05-30 00:00:00
veracode
veracode
SQL Injection
2018-05-22 02:23:31
prion
prion
Sql injection
2018-05-22 20:29:00
cvelist
cvelist
CVE-2018-10094
2018-05-22 20:00:00
github
github
Dolibarr SQL injection vulnerability
2022-05-14 03:15:06
cve
cve
CVE-2018-10094
2018-05-22 20:29:01
packetstorm
packetstorm
Dolibarr 7.0.0 SQL Injection
2018-05-27 00:00:00
Dolibarr Gather Credentials via SQL Injection
2024-08-31 00:00:00
ubuntucve
ubuntucve
CVE-2018-10094
2018-05-22 00:00:00
exploitpack
exploitpack
Dolibarr ERPCRM 7.0.0 - (Authenticated) SQL Injection
2018-05-30 00:00:00
metasploit
metasploit
Dolibarr Gather Credentials via SQL Injection
2018-09-20 03:15:14
osv
osv
CVE-2018-10094
2018-05-22 20:29:01
dsquare
dsquare
Dolibarr adherents/list.php SQL Injection
2018-07-20 00:00:00
exploitdb
exploitdb
Dolibarr ERP/CRM 7.0.0 - (Authenticated) SQL Injection
2018-05-30 00:00:00
nvd
nvd
CVE-2018-10094
2018-05-22 20:29:01
openvas
openvas
Dolibarr < 7.0.2 Multiple Vulnerabilities
2018-05-24 00:00:00