浏览 34+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-23500 | Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration | Dolibarr | dolibarr | - | - | 2026-04-17 20:25:50 | Deep Dive |
| CVE-2019-25710 | Dolibarr ERP-CRM 8.0.4 SQL Injection via rowid Parameter | Dolibarr | Dolibarr ERP-CRM | High | 8.2 | 2026-04-12 12:28:55 | Deep Dive |
| CVE-2026-22666 | Dolibarr ERP/CRM < 23.0.2 Authenticated RCE via dol_eval_standard() | Dolibarr | Dolibarr ERP/CRM | High | 7.2 | 2026-04-07 12:41:31 | Deep Dive |
| CVE-2026-34036 | Dolibarr Core Discloses Sensitive Data via Authenticated Local File Inclusion in selectobject.php | Dolibarr | dolibarr | Medium | 6.5 | 2026-03-31 01:39:38 | Deep Dive |
| CVE-2019-25452 | Dolibarr ERP/CRM 10.0.1 SQL Injection via elemid | Dolibarr | Dolibarr ERP/CRM | High | 7.5 | 2026-02-22 13:18:26 | Deep Dive |
| CVE-2019-25450 | Dolibarr ERP/CRM 10.0.1 SQL Injection via card.php | Dolibarr | Dolibarr ERP/CRM | High | 7.5 | 2026-02-22 13:18:25 | Deep Dive |
| CVE-2020-36966 | Dolibarr 11.0.3 - 'ldap.php' - Persistent Cross-Site Scripting | Dolibarr | Dolibarr | Medium | 6.4 | 2026-01-30 16:16:37 | Deep Dive |
| CVE-2021-47779 | Dolibarr ERP-CRM 14.0.2 - Stored Cross-Site Scripting (XSS) / Privilege Escalation | Dolibarr | CRM | Medium | 5.4 | 2026-01-15 23:25:37 | Deep Dive |
| CVE-2012-10059 | Dolibarr ERP/CRM Post-Auth OS Command Injection | Dolibarr Project | ERP/CRM | - | - | 2025-08-13 20:33:51 | Deep Dive |
| CVE-2021-3991 | Improper Authorization in dolibarr/dolibarr | dolibarr | dolibarr/dolibarr | - | - | 2024-11-15 10:52:49 | Deep Dive |
| CVE-2024-5315 | Multiple vulnerabilities in DOLIBARR's ERP CMS | Dolibarr | ERP CMS | Critical | 9.1 | 2024-05-24 10:06:49 | Deep Dive |
| CVE-2024-5314 | Multiple vulnerabilities in DOLIBARR's ERP CMS | Dolibarr | ERP CMS | Critical | 9.1 | 2024-05-24 10:00:45 | Deep Dive |
| CVE-2024-23817 | Dolibarr Application Home Page HTML injection vulnerability | Dolibarr | dolibarr | High | 7.1 | 2024-01-25 19:42:30 | Deep Dive |
| CVE-2023-4198 | Dolibarr ERP CRM (<= 17.0.3) Improper Access Control | Dolibarr | Dolibarr ERP CRM | Medium | 6.5 | 2023-11-01 08:01:16 | Deep Dive |
| CVE-2023-4197 | Dolibarr ERP CRM (<= 18.0.1) Improper Input Sanitization Authenticated RCE | Dolibarr | Dolibarr ERP CRM | High | 7.5 | 2023-11-01 07:58:57 | Deep Dive |
| CVE-2023-5842 | Cross-site Scripting (XSS) - Stored in dolibarr/dolibarr | dolibarr | dolibarr/dolibarr | 中危 | - | 2023-10-30 00:00:21 | Deep Dive |
| CVE-2023-5323 | Cross-site Scripting (XSS) - Generic in dolibarr/dolibarr | dolibarr | dolibarr/dolibarr | 中危 | - | 2023-10-01 00:00:19 | Deep Dive |
| CVE-2022-4093 | SQL Injection in dolibarr/dolibarr | dolibarr | dolibarr/dolibarr | 超危 | - | 2022-11-21 00:00:00 | Deep Dive |
| CVE-2022-2060 | Cross-site Scripting (XSS) - Stored in dolibarr/dolibarr | dolibarr | dolibarr/dolibarr | 中危 | - | 2022-06-13 08:50:10 | Deep Dive |
| CVE-2022-0819 | Code Injection in dolibarr/dolibarr | dolibarr | dolibarr/dolibarr | 高危 | - | 2022-03-02 15:40:13 | Deep Dive |