CVE-2018-13450

Опубликовано: 08 июл. 2018

Источник: debian

Описание

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the status_batch parameter.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
dolibarr	removed			package

Примечания

https://github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cb

Связанные уязвимости

CVE-2018-13450

CVSS3: 9.8

ubuntu

около 7 лет назад

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the status_batch parameter.

CVE-2018-13450

CVSS3: 9.8

nvd

около 7 лет назад

SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the status_batch parameter.

GHSA-24q2-6x37-cgcx

CVSS3: 9.8

github

около 3 лет назад

Dolibarr SQL injection vulnerability in product/card.php