Dolibarr ERP CRM 4.0.4

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:dolibarr:dolibarr_erp\/crm:4.0.4:*:*:*:*:*:*:*

part: a version: 4.0.4 update: *

VendorDolibarr (63aa6448-b9f1-5072-badf-d5da7e178b3f)
ProductDolibarr Erp/Crm (43fce236-1427-50a7-9efe-8afa61d3c40d)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2017-8879 vulnerable 2026-06-08 05:10:09.031738 Details available
Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the current password, which makes it easier for physically proximate attackers to obtain access via an unattended workstation.
Published: 2017-05-10T14:00:00.000Z
Updated: 2024-09-16T18:19:40.331Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-7888 vulnerable 2026-06-08 05:10:06.272581 Details available
Dolibarr ERP/CRM 4.0.4 stores passwords with the MD5 algorithm, which makes brute-force attacks easier.
Published: 2017-05-10T14:00:00.000Z
Updated: 2024-08-05T16:19:28.475Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-7887 vulnerable 2026-06-08 05:10:06.272289 Details available
Dolibarr ERP/CRM 4.0.4 has XSS in doli/societe/list.php via the sall parameter.
Published: 2017-05-10T14:00:00.000Z
Updated: 2024-08-05T16:19:29.289Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2017-7886 vulnerable 2026-06-08 05:10:06.271894 Details available
Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter.
Published: 2017-05-10T14:00:00.000Z
Updated: 2024-08-05T16:19:28.512Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.