Description
An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 (fixed version is 14.0.0) via a POST request to the country_id parameter in an UPDATE statement.
Remediation
References
Related Vulnerabilities
WordPress Plugin Chat-Support Board-WordPress Chat Cross-Site Scripting (1.2.8)
WordPress Plugin BuddyBoss Wall Cross-Site Scripting (1.1.7)
WordPress Plugin WP TFeed includes Backdoor [Only if downloaded via the vendor website] (1.6.7)
WordPress Plugin N-Media Website Contact Form with File Upload Local File Inclusion (1.5)