Critical severity9.8NVD Advisory· Published Jun 5, 2017· Updated May 13, 2026
CVE-2017-9435
CVE-2017-9435
Description
Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php (search_supervisor and search_statut parameters).
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
dolibarr/dolibarrPackagist | < 5.0.3 | 5.0.3 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/Dolibarr/dolibarr/blob/develop/ChangeLognvdPatchRelease NotesVendor AdvisoryWEB
- github.com/Dolibarr/dolibarr/commit/70636cc59ffa1ffbc0ce3dba315d7d9b837aad04nvdPatchWEB
- github.com/advisories/GHSA-v3m8-7h3p-6j5mghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-9435ghsaADVISORY
News mentions
0No linked articles in our index yet.