Vulnerability CVE-2018-10094

Vulnerability CVE-2018-10094

Published: 2018-05-22

Description:

Type:

(Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
7.5/10	6.4/10	10/10

Affected software
Dolibarr -> Dolibarr

http://www.openwall.com/lists/oss-security/2018/05/21/1

https://github.com/Dolibarr/dolibarr/blob/7.0.2/ChangeLog

https://github.com/Dolibarr/dolibarr/commit/7ade4e37f24d6859987bb9f6232f604325633fdd

https://sysdream.com/news/lab/2018-05-21-cve-2018-10094-dolibarr-sql-injection-vulnerability/

https://www.exploit-db.com/exploits/44805/