module

Dolibarr Gather Credentials via SQL Injection

Try Surface Command
Back to search
Disclosed
May 30, 2018

Description

This module enables an authenticated user to collect the usernames and
encrypted passwords of other users in the Dolibarr ERP/CRM via SQL
injection.
Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report