Vulnerabilidades en dolibarr
38 resultadosCVE-2021-25954MEDIUMImproper Access Control in “Dolibarr”EPSS 0.7%CVE-2024-5314CRITICALMultiple vulnerabilities in DOLIBARR's ERP CMSEPSS 0.6%CVE-2024-23817HIGHDolibarr Application Home Page HTML injection vulnerabilityEPSS 0.6%CVE-2023-4198MEDIUMDolibarr ERP CRM (<= 17.0.3) Improper Access ControlEPSS 0.6%CVE-2023-5842MEDIUMCross-site Scripting (XSS) - Stored in dolibarr/dolibarrEPSS 0.5%CVE-2026-34036MEDIUMDolibarr Core Discloses Sensitive Data via Authenticated Local File Inclusion in selectobject.phpEPSS 0.4%CVE-2023-5323MEDIUMCross-site Scripting (XSS) - Generic in dolibarr/dolibarrEPSS 0.4%CVE-2019-25452HIGHDolibarr ERP/CRM 10.0.1 SQL Injection via elemidEPSS 0.4%CVE-2019-25710HIGHDolibarr ERP-CRM 8.0.4 SQL Injection via rowid ParameterEPSS 0.3%CVE-2019-25450HIGHDolibarr ERP/CRM 10.0.1 SQL Injection via card.phpEPSS 0.3%CVE-2021-3991MEDIUMImproper Authorization in dolibarr/dolibarrEPSS 0.3%CVE-2021-47779HIGHDolibarr ERP-CRM 14.0.2 - Stored Cross-Site Scripting (XSS) / Privilege EscalationEPSS 0.3%CVE-2026-10215MEDIUMDolibarr ERP CRM Leave Request REST API api_holidays.class.php checkUserAccessToObject improper authorizationEPSS 0.3%CVE-2020-36966MEDIUMDolibarr 11.0.3 - 'ldap.php' - Persistent Cross-Site ScriptingEPSS 0.2%CVE-2026-10154MEDIUMDolibarr ERP CRM messaging.php authorizationEPSS 0.2%CVE-2026-7688LOWDolibarr ERP CRM Shipments API Endpoint expedition.class.php _checkValForAPI sql injectionEPSS 0.2%CVE-2026-11619MEDIUMDolibarr ERP CRM Legacy Filemanager config.inc.php improper authorizationEPSS 0.2%CVE-2026-7689MEDIUMDolibarr ERP CRM Online Signature security.lib.php dol_verifyHash signature verificationEPSS 0.1%