Vulnerability category: CGI
Vulnerability severity:
Vulnerability information
Dolibarr ERP/CRM is an open source, free software package for small and medium companies, foundations or freelancers.
Dolibarr ERP and CRM contains the following vulnerabilities:
CVE-2017-7886: SQL injection vulnerability in the /theme/eldy/style.css.php source file via the lang parameter.
CVE-2017-7887: Cross-site scripting in the /societe/list.php source file via the sall parameter.
CVE-2017-7888: Dolibarr ERP and CRM stores passwords hashed with the MD5 algorithm and without a salt value, which makes password cracking attacks easier.
CVE-2017-7889: Vulnerable versions allow password changes without supplying the current password, which makes it easier for physically proximate attackers to obtain access via an unattended workstation.
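To illustrate the weakness behind CVE-2017-7888, the following is an added example (not Dolibarr's own code) that contrasts unsalted MD5 storage with PHP's built-in salted, iterated hashing, and shows a transparent upgrade of legacy records at login time; `verify_and_upgrade` and the constructed password are assumptions of this example.

```php
<?php
// Added example, not Dolibarr code: contrast the unsalted MD5 storage described
// in CVE-2017-7888 with salted, cost-tunable hashing via password_hash().

// Weak scheme: the same password always yields the same 32-hex-char digest, and
// MD5 is fast, so a leaked table can be attacked with precomputed tables.
function weak_store(string $password): string {
    return md5($password);
}

// Hardened scheme: password_hash() draws a random salt per password and embeds
// salt, algorithm and cost in the returned string, so no separate salt column
// is needed and identical passwords produce different stored values.
function secure_store(string $password): string {
    return password_hash($password, PASSWORD_DEFAULT, ['cost' => 12]);
}

// Hypothetical login helper: accept a legacy MD5 record exactly once, then
// replace it (by reference) with a salted hash; the caller persists the change.
function verify_and_upgrade(string $password, string &$stored): bool {
    $isLegacyMd5 = strlen($stored) === 32 && ctype_xdigit($stored);
    if ($isLegacyMd5) {
        // hash_equals() avoids a timing side channel on the comparison.
        if (!hash_equals($stored, md5($password))) {
            return false;
        }
        $stored = secure_store($password);
        return true;
    }
    if (!password_verify($password, $stored)) {
        return false;
    }
    // Re-hash when the stored cost falls behind the current policy.
    if (password_needs_rehash($stored, PASSWORD_DEFAULT, ['cost' => 12])) {
        $stored = secure_store($password);
    }
    return true;
}

// Demonstration with a constructed password.
$pw = 'correct horse battery staple';
$legacy = weak_store($pw);
echo "Legacy md5 (deterministic): $legacy\n";
$h1 = secure_store($pw);
$h2 = secure_store($pw);
echo "Salted hashes differ for the same input: " . var_export($h1 !== $h2, true) . "\n";
$record = $legacy;
echo "Legacy login accepted: " . var_export(verify_and_upgrade($pw, $record), true) . "\n";
echo "Record now salted: " . var_export(!ctype_xdigit($record), true) . "\n";
echo "Wrong password rejected: " . var_export(!verify_and_upgrade('nope', $record), true) . "\n";
```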
Affected Versions:
Dolibarr 4.0.4
QID Detection Logic:
This QID launches a non-intrusive SQL injection request to the /theme/eldy/style.css.php source file via the lang parameter.
Impact
Depending on the vulnerability being exploited, an unauthenticated remote attacker could conduct SQL injection or cross-site scripting attacks, or brute-force user passwords, on a targeted system.
Solution
N/A
Workaround:
The vendor has not officially confirmed that these vulnerabilities are fixed. In our tests, however, Dolibarr 4.0.6 appears to be patched against them. Customers are advised to contact the vendor for updates pertaining to these vulnerabilities.