CVE-2017-18260: SQL Injection

April 11, 2018 (updated May 16, 2018)

Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter).

References

nvd.nist.gov/vuln/detail/CVE-2017-18260

Code Behaviors & Features

Detect and mitigate CVE-2017-18260 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →