CVE-2014-7137

EUVD-2014-7016
Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow remote authenticated users to execute arbitrary SQL commands via the (1) contactid parameter in an addcontact action, (2) ligne parameter in a swapstatut action, or (3) project_ref parameter to projet/tasks/contact.php; (4) lineid parameter in a deletecontact action, (5) ligne parameter in a swapstatut action, or (6) ref parameter to projet/contact.php; (7) id parameter to compta/bank/fiche.php, (8) contact/info.php, (9) holiday/index.php, (10) product/stock/fiche.php, (11) product/stock/info.php, or (12) in an edit action to product/stock/fiche.php; (13) productid parameter in an addline action to product/stock/massstockmove.php; (14) project_ref parameter to projet/tasks/note.php; (15) ref parameter to element.php, (16) ganttview.php, (17) note.php, or (18) tasks.php in projet/; (19) sall or (20) sref parameter to comm/mailing/liste.php; (21) search_bon, (22) search_ligne, (23) search_societe, or (24) search_code parameter to compta/prelevement/liste.php; (25) search_label parameter to compta/sociales/index.php; (26) search_project parameter to projet/tasks/index.php; (27) search_societe parameter to compta/prelevement/demandes.php; (28) search_statut parameter to user/index.php; (29) socid parameter to compta/recap-compta.php, (30) societe/commerciaux.php, or (31) societe/rib.php; (32) sortorder, (33) sref, (34) sall, or (35) sortfield parameter to product/stock/liste.php; (36) statut parameter to adherents/liste.php or (37) compta/dons/liste.php; (38) tobuy or (39) tosell parameter to product/liste.php; (40) tobuy, (41) tosell, (42) search_categ, or (43) sref parameter to product/reassort.php; (44) type parameter to product/index.php; or the (a) sortorder or (b) sortfield parameter to (45) compta/paiement/cheque/liste.php, (46) compta/prelevement/bons.php, (47) compta/prelevement/rejets.php, (48) product/stats/commande.php, (49) product/stats/commande_fournisseur.php, (50) product/stats/contrat.php, (51) product/stats/facture.php, (52) product/stats/facture_fournisseur.php, (53) product/stats/propal.php, or (54) product/stock/replenishorders.php.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
Affected Products (NVD)
VendorProductVersion
dolibarrdolibarr
𝑥
≤ 3.6.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
dolibarr
artful
ignored
bionic
dne
cosmic
dne
disco
dne
lucid
dne
precise
dne
trusty
dne
utopic
ignored
vivid
ignored
wily
ignored
xenial
not-affected
yakkety
ignored
zesty
ignored
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/129175/Dolibarr-ERP-And-CRM-3.5.3-SQL-Injection.html
http://seclists.org/fulldisclosure/2014/Nov/56
http://www.securityfocus.com/archive/1/534020/100/0/threaded
http://www.securityfocus.com/bid/71189
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7137/
http://packetstormsecurity.com/files/129175/Dolibarr-ERP-And-CRM-3.5.3-SQL-Injection.html
http://seclists.org/fulldisclosure/2014/Nov/56
http://www.securityfocus.com/archive/1/534020/100/0/threaded
http://www.securityfocus.com/bid/71189
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-7137/