Dolibarr Erp Crm Dolibarr vulnerabilities
2 known vulnerabilities affecting dolibarr_erp_crm/dolibarr.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2019-1010054HIGHCVSS 8.8v7.0.02019-07-18
CVE-2019-1010054 [HIGH] CWE-352 CVE-2019-1010054: Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: allow malitious htm
Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: allow malitious html to change user password, disable users and disable password encryptation. The component is: Function User password change, user disable and password encryptation. The attack vector is: admin access malitious urls.
cvelistv5nvd
CVE-2019-1010016MEDIUMCVSS 6.1v6.0.42019-07-15
CVE-2019-1010016 [MEDIUM] CWE-79 CVE-2019-1010016: Dolibarr 6.0.4 is affected by: Cross Site Scripting (XSS). The impact is: Cookie stealing. The compo
Dolibarr 6.0.4 is affected by: Cross Site Scripting (XSS). The impact is: Cookie stealing. The component is: htdocs/product/stats/card.php. The attack vector is: Victim must click a specially crafted link sent by the attacker.
cvelistv5nvd