Description
Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection. These vulnerabilities could allow a remote attacker to send a specially crafted SQL query to the system and retrieve all the information stored in the database through the parameters sortorder y sortfield in /dolibarr/admin/dict.php.
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-2737 Vulnerability (CVE-2019-2737)
Liferay DXP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2025-62245)
WordPress Plugin WP DSGVO Tools (GDPR) Unspecified Vulnerability (3.1.26)
MySQL CVE-2019-2531 Vulnerability (CVE-2019-2531)
PHP Use of Uninitialized Resource Vulnerability (CVE-2015-8390)