Description

Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 via product/stats/card.php (type parameter).

Remediation

References

CVE-2017-9839

Related Vulnerabilities

WordPress Plugin Paid Membership, Ecommerce, Registration Form, Login Form, User Profile & Restrict Content-ProfilePress Cross-Site Scripting (3.1.10)

Oracle Database Server CVE-2014-4237 Vulnerability (CVE-2014-4237)

Apache HTTP Server CVE-2016-5387 Vulnerability (CVE-2016-5387)

Oracle JRE CVE-2013-1485 Vulnerability (CVE-2013-1485)

WordPress Plugin WP Photo Album 'photo' Parameter SQL Injection (1.0)

Severity

High

Classification

CVE-2017-9839 CWE-138 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities