Description
Dolibarr ERP/CRM versions through 7.0.0 are affected by multiple SQL injection vulnerabilities in comm/propal/list.php, reachable via the viewstatut parameter or the propal_statut parameter (also known as the search_statut parameter).
Remediation
References