VIR Vulnerability Intelligence Relay

Package impact

php Packagist / dolibarr/dolibarr

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-17900 critical 9.8 9.8 9y ago Dolibarr SQL injection vulnerability in fourn/index.php
CVE-2017-17899 critical 9.8 9.8 9y ago Dolibarr SQL injection vulnerability in adherents/subscription/info.php
CVE-2017-17897 critical 9.8 9.8 9y ago Dolibarr SQL injection vulnerability in comm/multiprix.php
CVE-2017-14242 critical 9.8 9.8 9y ago Dolibarr SQL injection vulnerability in don/list.php
CVE-2017-14238 critical 9.8 9.8 9y ago Dolibarr SQL injection vulnerability in admin/menus/edit.php
CVE-2017-9435 critical 9.8 9.8 9y ago Dolibarr ERP and CRM SQLi
CVE-2017-7888 critical 9.8 9.8 9y ago Dolibarr ERP and CRM Insecure Encryption
CVE-2017-7886 critical 9.8 9.8 9y ago Dolibarr SQL Injection in doli/theme/eldy/style.css.php via the lang parameter
CVE-2026-23500 critical 9.1 9.1 1mo ago Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration
CVE-2017-9840 high 8.8 8.8 9y ago Dolibarr ERP and CRM Unsafe File Upload Vulnerability
CVE-2026-31019 high 8.0 1mo ago Dolibarr user with permission to edit PHP content can bypass filtering to restrict dangerous PHP functions
CVE-2017-17898 high 7.5 7.5 9y ago Dolibarr sensitive information disclosure
CVE-2017-14240 high 7.5 7.5 9y ago Dolibarr ERP and CRM Sensitive Data Disclosure
CVE-2017-8879 medium 6.8 6.8 9y ago Dolibarr allows password changes without supplying the current password
CVE-2017-17971 medium 6.1 6.1 9y ago Dolibarr ERP and CRM contain XSS Vulnerability
CVE-2017-7887 medium 6.1 6.1 9y ago Dolibarr ERP and CRM contain XSS Vulnerability
CVE-2017-14241 medium 5.4 5.4 9y ago Dolibarr ERP and CRM contain XSS Vulnerability
CVE-2017-14239 medium 5.4 5.4 9y ago Dolibarr cross-site scripting (XSS) vulnerability
CVE-2016-1912 medium 5.4 5.4 11y ago Dolibarr ERP and CRM contain XSS Vulnerabilities
CVE-2026-7688 medium 5.0 5.0 25d ago Dolibarr has an Injection issue
CVE-2015-3935 medium 4.3 11y ago Dolibarr ERP and CRM contain Cross-site Scripting Vulnerability
CVE-2026-7689 low 3.7 3.7 25d ago Dolibarr has Insufficient Verification of Data Authenticity