VYPR
Critical severityNVD Advisory· Published May 24, 2024· Updated Aug 1, 2024

Multiple vulnerabilities in DOLIBARR's ERP CMS

CVE-2024-5314

Description

Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters sortorder y sortfield in /dolibarr/admin/dict.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
dolibarr/dolibarrPackagist
<= 9.0.1

Affected products

3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.