Description Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter. Remediation References CVE-2017-7886 Related Vulnerabilities Sqlite Out-of-bounds Read Vulnerability (CVE-2019-8457) WordPress Plugin Category Grid View Gallery Cross-Site Scripting (2.3.3) Internet Information Services Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-1999-0349) WordPress Plugin Google Forms Unspecified Vulnerability (0.93) MySQL CVE-2020-14760 Vulnerability (CVE-2020-14760) Severity Critical Classification CVE-2017-7886 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities