EPSS
Percentile
39.3%
Dolibarr is vulnerable to multiple SQL injection attacks. The search_country, search_type_thirdparty, viewstatut, viewstatut, search_sale, and search_user user-supplied values are not escaped before being placed into an SQL statement.
search_country
search_type_thirdparty
viewstatut
search_sale
search_user
github.com/Dolibarr/dolibarr/commit/f3a5975cf861ef4bf315d71e197db97cece1f36e
www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-010