CVE-2019-25710 | Dolibarr ERP-CRM 8.0.4 POST Parameter dict.php rowid sql injection (Exploit 46095 / EDB-46095)

Inserito da Angelo Barbosa | Apr 12, 2026 | CVE

A vulnerability categorized as critical has been discovered in Dolibarr ERP-CRM 8.0.4. This vulnerability affects unknown code of the file dict.php of the component POST Parameter Handler. Such manipulation of the argument rowid leads to sql injection.

This vulnerability is listed as CVE-2019-25710. The attack may be performed from remote. In addition, an exploit is available.

CVE-2019-25710 | Dolibarr ERP-CRM 8.0.4 POST Parameter dict.php rowid sql injection (Exploit 46095 / EDB-46095)

Post correlati

CVE-2023-52802 | Linux Kernel up to 6.1.63/6.5.12/6.6.2 iio stm32_adc_probe null pointer dereference

CVE-2025-64740 | Zoom Workplace VDI Client prior 6.3.14/6.4.12/6.5.10 on Windows signature verification

CVE-2024-2569 | SourceCodester Employee Task Management System 1.0 /admin-manage-user.php redirect

CVE-2026-0591 | code-projects Online Product Reservation System 1.0 Cart Update /app/checkout/update.php id/qty sql injection