Multiple SQL Injection Vulnerabilities in Dolibarr ERP/CRM Versions through 7.0.0 via comm/propal/list.php

CVE-2017-18260 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter).

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.