elkassimyhajar

1 exploit Active since Mar 2019
CVE-2018-16809 NOMISEC CRITICAL
Dolibarr < 7.0.0 - SQL Injection via expensereport/card.php qty and value_unit Parameters
An issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and value_unit.
CVSS 9.8