CVE-2017-17897: FIX security vulnerability reported by ADLab of Venustech · Dolibarr/dolibarr@4a5988a

SQL injection vulnerability in comm/multiprix.php in Dolibarr ERP/CRM version 6.0.4 allows remote attackers to execute arbitrary SQL commands via the id parameter.


@@ -33,7 +33,7 @@ $langs->load(“companies”);
// Security check $socid = isset($_GET[“socid”])?$_GET[“socid”]:’’; $socid = GETPOST("socid", ‘int’); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, ‘societe’,$socid,’’);
@@ -81,7 +81,7 @@ while ($i < $num) { $row = $db->fetch_row($resql);

print '<tr class="oddeven">’; print '<td>’.$langs->trans($commande->statuts[$row[1]]).’</td>’; @@ -132,7 +132,7 @@ $var = true; while ($i < $num) {
$obj = $db->fetch_object($resql); print '<tr class="oddeven"><td class="nowrap">’; $commandestatic->id=$obj->rowid; @@ -151,7 +151,7 @@ } if ($total>0) {
print '<tr class="liste_total"><td>’.$langs->trans(“Total”).’</td><td colspan="2" align="right">’.price($total)."</td></tr>"; } print "</table>"; @@ -190,7 +190,7 @@ while ($i < $num && $i < 20) { $obj = $db->fetch_object($resql);
print '<tr class="oddeven"><td class="nowrap">’; $facturestatic->ref=$obj->ref; $facturestatic->id=$obj->rowid; @@ -263,7 +263,7 @@
while ($obj = $db->fetch_object($resql) ) {

print '<tr class="oddeven">’; print '<td><a href="card.php?socid=’.$obj->socid.’">’.img_object($langs->trans(“ShowSupplier”),"company").’</a>’; @@ -300,7 +300,7 @@
foreach ($companystatic->SupplierCategories as $rowid => $label) {
print "<tr ".$bc[$var].">\n"; print '<td>’; $categstatic->id=$rowid;
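Review bot: in the hunk at @@ -33,7 +33,7 @@ the replacement of `$socid = isset($_GET["socid"])?$_GET["socid"]:'';` with `$socid = GETPOST("socid", 'int');` is the actual mitigation in this change: the parameter is now read through GETPOST with the 'int' filter, which reduces an attacker-controlled string to an integer before it reaches `restrictedArea()` or any query built from `$socid`, instead of being passed through verbatim from `$_GET`. Two points to confirm before merging: the CVE description names the `id` parameter of `comm/multiprix.php`, while this hunk only covers `socid`, so check that `id` is read through the same integer filter in the rest of the commit; and the hunks at -81, -132, -151, -190, -263 and -300 show only unchanged context in this rendering, with no visible added or removed lines, so their contribution to the fix cannot be verified from what is shown here and should be reviewed against the full commit diff.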
