CVE-2019-25450

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

D

olibarr ERP/CRM 10.0.1 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through POST parameters. Attackers can inject malicious SQL through parameters like actioncode, demand_reason_id, and availability_id in card.php endpoints to extract sensitive database information using boolean-based blind, error-based, and time-based blind techniques.

References

Link	Resource
https://www.exploit-db.com/exploits/47370	Exploit VDB Entry
https://www.vulncheck.com/advisories/dolibarr-erpcrm-sql-injection-via-cardphp	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:a:dolibarr:dolibarr_erp\/crm:10.0.1:*:*:*:*:*:*:*

History

02 Mar 2026, 15:16

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.1~~	v2 : unknown v3 : 7.5

25 Feb 2026, 18:31

Type	Values Removed	Values Added
First Time		Dolibarr dolibarr Erp\/crm Dolibarr
References	~~() https://www.exploit-db.com/exploits/47370 -~~	() https://www.exploit-db.com/exploits/47370 - Exploit, VDB Entry
References	~~() https://www.vulncheck.com/advisories/dolibarr-erpcrm-sql-injection-via-cardphp -~~	() https://www.vulncheck.com/advisories/dolibarr-erpcrm-sql-injection-via-cardphp - Broken Link
CPE		cpe:2.3:a:dolibarr:dolibarr_erp\/crm:10.0.1:::::::*

23 Feb 2026, 18:13

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-22 14:16

Updated : 2026-03-02 15:16

NVD link : CVE-2019-25450

Mitre link : CVE-2019-25450

CVE.ORG link : CVE-2019-25450

JSON object : View

Products Affected

dolibarr_erp\/crm

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2019-25450", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-02-22T14:16:01.990", "references": [{"url": "https://www.exploit-db.com/exploits/47370", "tags": ["Exploit", "VDB Entry"], "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/dolibarr-erpcrm-sql-injection-via-cardphp", "tags": ["Broken Link"], "source": "[email protected]"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Dolibarr ERP/CRM 10.0.1 contains multiple SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through POST parameters. Attackers can inject malicious SQL through parameters like actioncode, demand_reason_id, and availability_id in card.php endpoints to extract sensitive database information using boolean-based blind, error-based, and time-based blind techniques."}, {"lang": "es", "value": "Dolibarr ERP/CRM 10.0.1 contiene m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL que permiten a atacantes autenticados manipular consultas de bases de datos inyectando c\u00f3digo SQL a trav\u00e9s de par\u00e1metros POST. Los atacantes pueden inyectar SQL malicioso a trav\u00e9s de par\u00e1metros como actioncode, demand_reason_id y availability_id en los endpoints de card.php para extraer informaci\u00f3n sensible de la base de datos utilizando t\u00e9cnicas ciegas basadas en booleanos, basadas en errores y ciegas basadas en tiempo."}], "lastModified": "2026-03-02T15:16:23.900", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:10.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39568D7F-8246-4745-A20B-A89BBC4A710C"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}