CVE-2026-31018 | Dolibarr ERP CRM up to 22.0.4 Website code injection

Inserito da Angelo Barbosa | Apr 21, 2026 | CVE

A vulnerability labeled as critical has been found in Dolibarr ERP CRM up to 22.0.4. Affected by this issue is some unknown functionality of the component Website Module. Executing a manipulation can lead to code injection.

This vulnerability is registered as CVE-2026-31018. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-31018 | Dolibarr ERP CRM up to 22.0.4 Website code injection

Post correlati

CVE-2024-6484 | Bootstrap up to 3.4.1 cross site scripting

CVE-2024-5908 | Palo Alto Networks GlobalProtect App up to 5.1.11/6.0.7/6.1.2/6.2.2 log file

CVE-2023-35895 | IBM Informix JDBC 4.10/4.50 JNDI os command injection (XFDB-259116)

CVE-2025-1548 | iteachyou Dreamer CMS 4.1.3 /admin/archives/edit editorValue/answer/content cross site scripting