Vulnerabilities in dolibarr
38 results

CVE-2022-0819 | HIGH | Code Injection in dolibarr/dolibarr | EPSS 43.6%
CVE-2024-5315 | CRITICAL | Multiple vulnerabilities in DOLIBARR's ERP CMS | EPSS 32.9%
CVE-2023-4197 | HIGH | Dolibarr ERP CRM (<= 18.0.1) Improper Input Sanitization Authenticated RCE | EPSS 32.8%
CVE-2026-22666 | HIGH | Dolibarr ERP/CRM < 23.0.2 Authenticated RCE via dol_eval_standard() | EPSS 15.5%
CVE-2013-2093 | — | Dolibarr ERP/CRM 3.3.1 does not properly validate user input in viewimage.php and barcode.lib.php which allows remote attackers to execute a | EPSS 5.2%
CVE-2022-4093 | HIGH | SQL Injection in dolibarr/dolibarr | EPSS 4.0%
CVE-2013-2091 | — | SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute arbitrary SQL commands via the 'pays' parameter in | EPSS 2.5%
CVE-2022-0224 | HIGH | SQL Injection in dolibarr/dolibarr | EPSS 2.0%
CVE-2018-25357 | CRITICAL | Dolibarr ERP CRM 7.0.3 Remote Code Execution via install/step1.php | EPSS 1.7%
CVE-2013-2092 | — | Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary web script or HTML in functions.lib.php. | EPSS 1.3%
CVE-2021-25957 | HIGH | Account Takeover in "Dolibarr" via Password Reset Functionality | EPSS 1.1%
CVE-2022-0414 | MEDIUM | Improper Validation of Specified Quantity in Input in dolibarr/dolibarr | EPSS 1.1%
CVE-2022-0731 | MEDIUM | Improper Access Control (IDOR) in dolibarr/dolibarr | EPSS 1.0%
CVE-2021-25956 | MEDIUM | Improper User Access Control in "Dolibarr" Leads to Account Takeover | EPSS 0.9%
CVE-2026-23500 | CRITICAL | Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration | EPSS 0.9%
CVE-2021-25955 | CRITICAL | Stored XSS in “Dolibarr” leads to privilege escalation | EPSS 0.9%
CVE-2025-67486 | HIGH | Dolibarr has an Authenticated Remote Code Execution via eval() injection in user extrafields | EPSS 0.9%
CVE-2022-0746 | MEDIUM | Business Logic Errors in dolibarr/dolibarr | EPSS 0.9%
CVE-2022-0174 | MEDIUM | Improper Validation of Specified Quantity in Input in dolibarr/dolibarr | EPSS 0.9%
CVE-2022-2060 | HIGH | Cross-site Scripting (XSS) - Stored in dolibarr/dolibarr | EPSS 0.8%