Dolibarr Vulnerabilities
Comprehensive security vulnerability database for Dolibarr products
2
0
1
0
Severity Distribution
| Description | Vendor / Product | Exploit Status | |||
|---|---|---|---|---|---|
| CVE-2019-25452 | 8.8 | This vulnerability allows attackers to run harmful SQL commands on the Dolibarr ERP/CRM system, potentially exposing sensitive data from the database. It can be exploited by anyone without needing to log in, simply by sending specially crafted requests to a specific part of the application. | dolibarrdolibarr erp\/crm | Theoretical | about 1 month agoFeb 22, 2026 |
| CVE-2019-25450 | 7.1 | This vulnerability allows an attacker who is already logged into the Dolibarr ERP/CRM system to manipulate database queries and extract sensitive information by sending specially crafted data through specific web form fields. If exploited, the attacker can use various techniques to retrieve private data from the database without needing direct access to it. | dolibarrdolibarr erp\/crm | Exploit Available | about 1 month agoFeb 22, 2026 |
About Dolibarr Security
This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting Dolibarr products. Our database is updated in real-time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.
Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.