oss-sec mailing list archives
Re: CVE Request: Dolibarr - Multiple Vulnerabilities
From: chevalier 3as <chevalier3as () gmail com>
Date: Sat, 11 May 2013 21:11:26 +0200
I've failed to mention command injection, fix can be found here: https://github.com/Dolibarr/dolibarr/commit/526a80dd202bbca396687a502d52c27e06e97fff 2013/5/11 chevalier 3as <chevalier3as () gmail com>
Hello Kurt, Steve, All, I'd like to request a CVE for two vulnerabilties in Dolibarr 3.3 and 3.4: 1- SQL injection in 'pays' parameter, correction details can be found here: https://github.com/Dolibarr/dolibarr/commit/9427e32e2ed54c1a2bc519a88c057207836df489 2- XSS vulnerabilty in several parameters, correction details can be found here: https://github.com/Dolibarr/dolibarr/commit/8a90598b23e1b2689848187941f7a96b04907005 Cheers, Alaeddine Mesbahi
-- Trust your Technolust
Current thread:
- CVE Request: Dolibarr - Multiple Vulnerabilities chevalier 3as (May 11)
- Re: CVE Request: Dolibarr - Multiple Vulnerabilities chevalier 3as (May 11)
- Re: Re: CVE Request: Dolibarr - Multiple Vulnerabilities Kurt Seifried (May 14)
- Re: CVE Request: Dolibarr - Multiple Vulnerabilities chevalier 3as (May 11)