Dolibarr security advisories
3 threat alerts tracking vulnerabilities and security advisories that affect Dolibarr products.
Vulnios monitors Dolibarr CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent Dolibarr security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2017-9435 — dolibarr — dolibarr
Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user/index.php (search_supervisor and search_statut parameters).
Critical Vulnerability: CVE-2017-7886 — dolibarr — dolibarr_erp/crm
Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter.
Critical Vulnerability: CVE-2017-7888 — dolibarr — dolibarr_erp/crm
Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which makes brute-force attacks easier.