Miggo Logo

CVE-2019-19209: Dolibarr ERP and CRM SQLi

7.5

CVSS Score
3.1

Basic Information

EPSS Score
0.80638%
Published
5/24/2022
Updated
9/26/2023
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
dolibarr/dolibarrcomposer< 10.0.310.0.3

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The HeroLab advisory explicitly identifies mails_templates.php as handling the vulnerable $langs->defaultlang parameter derived from the HTTP Accept-Language header. This value was used unsafely in SQL queries without proper parameterization. While exact function names aren't disclosed in available sources, the file path and variable usage pattern are specifically documented in the PoC description. The XSS-related files (dolibarr.php/main.inc.php) are excluded as they relate to a different vulnerability type (XSS) mentioned in the same advisory.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*oli**rr *RP/*RM ***or* **.*.* *llows SQL Inj**tion.

Reasoning

T** **roL** **visory *xpli*itly i**nti*i*s `m*ils_t*mpl*t*s.p*p` *s **n*lin* t** vuln*r**l* $l*n*s->****ultl*n* p*r*m*t*r **riv** *rom t** *TTP ****pt-L*n*u*** *****r. T*is v*lu* w*s us** uns***ly in SQL qu*ri*s wit*out prop*r p*r*m*t*riz*tion. W*il*