SQL Injection Vulnerability in Dolibarr ERP/CRM User Search Parameters

SQL Injection Vulnerability in Dolibarr ERP/CRM User Search Parameters

CVE-2017-9435 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php (search_supervisor and search_statut parameters).

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.