CVE-2018-13450: Dolibarr SQL injection vulnerability in product/card.php
CVSS Score: 9.8 (CVSS v3.0)
Basic Information
CVE ID:
GHSA ID:
EPSS Score: 0.57661%
CWE:
Published: 5/14/2022
Updated: 4/24/2024
KEV Status: No
Technology: PHP
Technical Details
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| dolibarr/dolibarr | composer | = 7.0.3 | 7.0.4 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from unsanitized use of the 'status_batch' request parameter in product/card.php. The commit diff shows that the parameter was previously read with GETPOST('status_batch'), with no input filtering, and was patched to GETPOST('status_batch','aZ09'), which restricts the accepted value to alphanumeric characters. Because the unfiltered value reached a SQL query in the vulnerable version, an attacker could inject arbitrary SQL through this parameter. The same commit also changes test_sql_and_script_inject() and select_thirdparty_list(); those changes harden general SQL injection protection but are not directly tied to the root cause of this CVE.