CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-9435

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0670%
EPSS Percentile9.17th
Published2017年6月5日
Last Modified2026年5月13日

Vulnerability Description

Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php (search_supervisor and search_statut parameters).

Affected Platforms (CPE)

📦
Dolibarr

Dolibarr

<= 5.0.2

References & Advisories

🔗 https://github.com/Dolibarr/dolibarr/blob/develop/ChangeLog
🔗 https://github.com/Dolibarr/dolibarr/commit/70636cc59ffa1ffbc0ce3dba315d7d9b837aad04
🔗 https://github.com/Dolibarr/dolibarr/blob/develop/ChangeLog
🔗 https://github.com/Dolibarr/dolibarr/commit/70636cc59ffa1ffbc0ce3dba315d7d9b837aad04

相关漏洞威胁

CVE-2017-142429.8

SQL injection vulnerability in don/list.php in Dolibarr version 6.0.0 allows remote attackers to execute arbitrary SQL commands vi...

CVE-2017-178979.8

SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary S...

CVE-2017-142389.8

SQL injection vulnerability in admin/menus/edit.php in Dolibarr ERP/CRM version 6.0.0 allows remote attackers to execute arbitrary...

CVE-2017-178999.8

SQL injection vulnerability in adherents/subscription/info.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execut...