CVE-2011-4802

N/A Unknown
Published: December 14, 2011 Modified: April 29, 2026

Description

Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall parameters to (a) user/index.php and (b) user/group/index.php; the id parameter to (4) info.php, (5) perms.php, (6) param_ihm.php, (7) note.php, and (8) fiche.php in user/; and the (9) rowid parameter to admin/boxes.php.


References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://osvdb.org/77340
Source: cve@mitre.org
Broken Link
http://osvdb.org/77341
Source: cve@mitre.org
Broken Link
http://osvdb.org/77342
Source: cve@mitre.org
Broken Link
http://osvdb.org/77343
Source: cve@mitre.org
Broken Link
http://osvdb.org/77344
Source: cve@mitre.org
Broken Link
http://osvdb.org/77345
Source: cve@mitre.org
Broken Link
http://osvdb.org/77346
Source: cve@mitre.org
Broken Link Exploit
http://osvdb.org/77347
Source: cve@mitre.org
Broken Link Exploit
http://www.securityfocus.com/archive/1/520619/100/0/threaded
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/50777
Source: cve@mitre.org
Exploit Third Party Advisory VDB Entry
http://osvdb.org/77340
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://osvdb.org/77341
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://osvdb.org/77342
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://osvdb.org/77343
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://osvdb.org/77344
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://osvdb.org/77345
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://osvdb.org/77346
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Exploit
http://osvdb.org/77347
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Exploit
http://www.securityfocus.com/archive/1/520619/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/50777
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://github.com/Dolibarr/dolibarr/commit/63820ab37537fdff842539425b2bf2881f0d8e91
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch
https://github.com/Dolibarr/dolibarr/commit/762f98ab4137749d0993612b4e3544a4207e78a1
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch
https://github.com/Dolibarr/dolibarr/commit/c539155d6ac2f5b6ea75b87a16f298c0090e535a
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch
https://github.com/Dolibarr/dolibarr/commit/d08d28c0cda1f762a47cc205d4363de03df16675
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch
https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_dolibarr.html
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit

30 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
5.7%
92nd percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

Affected Vendors

dolibarr