Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) in list.php or (2) rowid parameter to adherents/fiche.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dolibarr ‘adherents/fiche.php’ SQL注入漏洞
Vulnerability Description
Dolibarr是法国Dolibarr基金会的一套基于Web的企业资源计划(ERP)和客户关系管理(CRM)系统。该系统可用来管理产品、库存、发票、订单等。 Dolibarr中存在SQL注入漏洞,该漏洞源于对用户提供的数据在用于SQL查询之前未经正确过滤。攻击者可利用此漏洞操控应用程序,访问或修改数据,或在底层数据库中利用此漏洞。Dolibarr 3.2.0 Alpha版本存在漏洞,其它版本也可能受到影响。
CVSS Information
N/A
Vulnerability Type
N/A