Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 (fixed version is 14.0.0) via a POST request to the country_id parameter in an UPDATE statement.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dolibarr ERP/CRM SQL注入漏洞
Vulnerability Description
Dolibarr ERP/CRM是法国Dolibarr基金会的一套基于Web的企业资源计划(ERP)和客户关系管理(CRM)系统。该系统可用来管理产品、库存、发票、订单等。 Dolibarr ERP/CRM 13.0.2(固定版本为 14.0.0)存在安全漏洞,该漏洞源于通过对 UPDATE 语句中的 country_id 参数的 POST 请求可能会导致SQL注入。
CVSS Information
N/A
Vulnerability Type
N/A