dolibarr/dolibarr vulnerabilities

Dolibarr ERP & CRM is a modern and easy to use web software to manage your business

Latest version: 12.0.2

Licenses detected

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the dolibarr/dolibarr package. This does not include vulnerabilities belonging to this package’s dependencies.

Report new vulnerabilities
Vulnerability Vulnerable versions Snyk patch Published
  • H
Arbitrary File Upload
<11.0.5 Not available 03 Sep, 2020
  • M
Privilege Escalation
<11.0.5 Not available 23 Aug, 2020
  • M
Cross-site Scripting (XSS)
<9.0.3 Not available 31 Jul, 2020
  • H
Arbitrary Code Injection
<9.0.3 Not available 31 Jul, 2020
  • H
Improper Input Validation
<9.0.3 Not available 31 Jul, 2020
  • H
Cross-site Scripting (XSS)
<12.0.0 Not available 21 Jun, 2020
  • H
SQL Injection
<12.0.0 Not available 19 Jun, 2020
  • H
Cross-site Scripting (XSS)
>=0.0.0 Not available 21 May, 2020
  • H
Arbitrary File Upload
>=0.0.0 Not available 21 May, 2020
  • M
Cross-site Scripting (XSS)
<11.0.4 Not available 18 May, 2020
  • H
Improper Access Control
<11.0.4 Not available 06 May, 2020
  • M
Cross-site Request Forgery (CSRF)
>=10.0.6 Not available 16 Apr, 2020
  • M
Cross-site Scripting (XSS)
>=10.0.6 Not available 16 Apr, 2020
  • H
SQL Injection
<10.0.3 Not available 16 Mar, 2020
  • M
Cross-site Scripting (XSS)
<10.0.4 Not available 16 Mar, 2020
  • M
Cross-site Scripting (XSS)
<10.0.3 Not available 16 Mar, 2020
  • M
Cross-site Scripting (XSS)
<10.0.3 Not available 16 Mar, 2020
  • M
Cross-site Scripting (XSS)
<12.0.0 Not available 17 Feb, 2020
  • M
Cross-site Scripting (XSS)
<11.0.1 Not available 27 Jan, 2020
  • M
Cross-site Scripting (XSS)
<11.0.1 Not available 27 Jan, 2020
  • M
Cross-site Scripting (XSS)
>=0.0.0 Not available 26 Nov, 2019
  • M
Cross-site Scripting (XSS)
<10.0.3 Not available 16 Oct, 2019
  • M
Cross-site Scripting (XSS)
<10.0.3 Not available 16 Oct, 2019
  • M
Cross-site Scripting (XSS)
<10.0.3 Not available 16 Oct, 2019
  • M
Cross-site Scripting (XSS)
<11.0.1 Not available 16 Oct, 2019
  • M
Cross-site Scripting (XSS)
<10.0.2 Not available 16 Sep, 2019
  • M
Cross-site Scripting (XSS)
<10.0.2 Not available 16 Sep, 2019
  • M
Cross-site Scripting (XSS)
>6.0.3, <6.0.5 Not available 16 Jul, 2019
  • H
Cross-site Scripting (XSS)
>=3.8.0, <7.0.1 Not available 10 Mar, 2019