Critical severity9.8NVD Advisory· Published Jul 8, 2018· Updated Jun 17, 2026
CVE-2018-13448
CVE-2018-13448
Description
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the country_id parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
dolibarr/dolibarrPackagist | >= 7.0.3, < 7.0.4 | 7.0.4 |
Affected products
1Patches
Vulnerability mechanics
References
3- github.com/Dolibarr/dolibarr/commit/36402c22eef49d60edd73a2f312f8e28fe0bd1cbnvdPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-m5rg-g6f9-8wpwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-13448ghsaADVISORY
News mentions
0No linked articles in our index yet.