Dolibarr Dolibarr Erp Crm
3 CVEs affecting Dolibarr Dolibarr Erp Crm. Latest disclosed: 2026-05-23. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-25357 | Critical | 9.8 | 2026-05-23 | Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code thr… |
CVE-2023-4197 | High | 7.5 | 2023-11-01 | Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an attacker… |
CVE-2023-4198 | Medium | 6.5 | 2023-11-01 | Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows an unauthorized authenticated user to read a database table containing customer data |