CVE-2011-4802
published 2011-12-14CVE-2011-4802: Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1)…
PriorityP342medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EXPLOIT
EPSS
5.67%
92.0th percentile
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall parameters to user/index.php and (b) user/group/index.php; the id parameter to (4) info.php, (5) perms.php, (6) param_ihm.php, (7) note.php, and (8) fiche.php in user/; and (9) rowid parameter to admin/boxes.php.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dolibarr | dolibarr_erp_crm | <= 3.1.0 | — |
| dolibarr | dolibarr_erp_crm | — | — |
| dolibarr | dolibarr_erp_crm | — | — |
| dolibarr | dolibarr_erp_crm | — | — |
| dolibarr | dolibarr_erp_crm | — | — |
| dolibarr | dolibarr_erp_crm | — | — |
| dolibarr | dolibarr_erp_crm | — | — |
| dolibarr | dolibarr_erp_crm | — | — |
| dolibarr | dolibarr_erp_crm | — | — |
| dolibarr | dolibarr_erp_crm | — | — |
| dolibarr | dolibarr_erp_crm | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Dolibarr ERP/CRM 3.1.0 - '/admin/boxes.php?rowid' SQL Injection
exploitdb·2011-11-23
CVE-2011-4802 Dolibarr ERP/CRM 3.1.0 - '/admin/boxes.php?rowid' SQL Injection
Dolibarr ERP/CRM 3.1.0 - '/admin/boxes.php?rowid' SQL Injection
---
source: https://www.securityfocus.com/bid/50777/info
Dolibarr is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Dolibarr 3.1.0 RC is vulnerable; prior versions may also be affected.
http://www.example.com/admin/boxes.php?action=delete&rowid=SQL_CODE_HERE
Exploit-DB
Dolibarr ERP/CRM 3.1.0 - '/user/index.php' Multiple SQL Injections
exploitdb·2011-11-23
CVE-2011-4802 Dolibarr ERP/CRM 3.1.0 - '/user/index.php' Multiple SQL Injections
Dolibarr ERP/CRM 3.1.0 - '/user/index.php' Multiple SQL Injections
---
source: https://www.securityfocus.com/bid/50777/info
Dolibarr is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Dolibarr 3.1.0 RC is vulnerable; prior versions may also be affected.
http://www.example.com/user/index.php?sall=1%%27%29%20%75%6e%69%6f%6e%20%73%65%6c%65%63%74%201,version%28%29, 3,4,5,6,7,8,9,10,11,12,13,14%20--%20
http://www.example.com/user/index.php?begin=searc
Exploit-DB
Dolibarr ERP/CRM 3.1.0 - '/user/info.php?id' SQL Injection
exploitdb·2011-11-23
CVE-2011-4802 Dolibarr ERP/CRM 3.1.0 - '/user/info.php?id' SQL Injection
Dolibarr ERP/CRM 3.1.0 - '/user/info.php?id' SQL Injection
---
source: https://www.securityfocus.com/bid/50777/info
Dolibarr is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Dolibarr 3.1.0 RC is vulnerable; prior versions may also be affected.
http://www.example.com/user/info.php?id=1 INTO OUTFILE '../../../tmp/example'
No writeups or analysis indexed.
http://osvdb.org/77340http://osvdb.org/77341http://osvdb.org/77342http://osvdb.org/77343http://osvdb.org/77344http://osvdb.org/77345http://osvdb.org/77346http://osvdb.org/77347http://www.securityfocus.com/archive/1/520619/100/0/threadedhttp://www.securityfocus.com/bid/50777https://github.com/Dolibarr/dolibarr/commit/63820ab37537fdff842539425b2bf2881f0d8e91https://github.com/Dolibarr/dolibarr/commit/762f98ab4137749d0993612b4e3544a4207e78a1https://github.com/Dolibarr/dolibarr/commit/c539155d6ac2f5b6ea75b87a16f298c0090e535ahttps://github.com/Dolibarr/dolibarr/commit/d08d28c0cda1f762a47cc205d4363de03df16675https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_dolibarr.htmlhttp://osvdb.org/77340http://osvdb.org/77341http://osvdb.org/77342http://osvdb.org/77343http://osvdb.org/77344http://osvdb.org/77345http://osvdb.org/77346http://osvdb.org/77347http://www.securityfocus.com/archive/1/520619/100/0/threadedhttp://www.securityfocus.com/bid/50777https://github.com/Dolibarr/dolibarr/commit/63820ab37537fdff842539425b2bf2881f0d8e91https://github.com/Dolibarr/dolibarr/commit/762f98ab4137749d0993612b4e3544a4207e78a1https://github.com/Dolibarr/dolibarr/commit/c539155d6ac2f5b6ea75b87a16f298c0090e535ahttps://github.com/Dolibarr/dolibarr/commit/d08d28c0cda1f762a47cc205d4363de03df16675https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_dolibarr.html
2011-12-14
Published