Dolibarr ERP/CRM SQL Injection Vulnerability in viewcat.php Endpoint

Vulnerability

A SQL injection vulnerability has been identified in Dolibarr ERP/CRM version 10.0.1. The issue resides in the elemid POST parameter of the viewcat.php endpoint, which is used in a database query without adequate validation or parameter binding, allowing an attacker to execute arbitrary SQL statements. Exploitation consists of sending crafted POST requests with SQL payloads in the elemid parameter; sensitive database contents can then be extracted through error-based or time-based blind SQL injection techniques.

Impact

Exploitation of this vulnerability allows arbitrary SQL execution against the application database, potentially leading to unauthorized disclosure or modification of data, including user credentials and business records stored by the ERP/CRM.

Reproduction

To reproduce this vulnerability, send a POST request to the viewcat.php endpoint with the elemid parameter set to a crafted SQL payload. The request must carry a valid session cookie. Either error-based or time-based blind SQL injection techniques can be used: a malformed value (for example an unbalanced quote) produces a database error in the response, while a conditional delay makes the response time depend on the injected condition. Compare each probe against a request with a benign integer elemid to confirm the behaviour is caused by the payload.
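To make the vulnerable pattern and its fix concrete, the following added Python example (not Dolibarr's code, and not taken from this advisory) shows an integer id parameter such as elemid spliced into a query by string concatenation next to a hardened version that validates the value as a strict decimal integer and binds it as a parameter. The table, column names and sample rows are constructed for the demo; the lookup is run against an in-memory SQLite database so it executes offline. The SLEEP() payload is MySQL syntax and is included only to show what a time-based probe looks like; SQLite has no such function, so in this demo it simply fails.

```python
"""Illustrative vulnerable and hardened lookups for an integer id parameter
(e.g. elemid), run against a constructed in-memory SQLite table.
Not Dolibarr's code; schema and data are assumptions for the demo."""
import re
import sqlite3

# Constructed sample rows standing in for a category table.
ROWS = [(1, "Customers"), (2, "Suppliers"), (3, "Internal")]


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE category (id INTEGER PRIMARY KEY, label TEXT)")
    conn.executemany("INSERT INTO category VALUES (?, ?)", ROWS)
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, elemid: str) -> list:
    # The request parameter is spliced into the statement as-is, so any
    # SQL the attacker puts in elemid becomes part of the WHERE clause.
    sql = "SELECT id, label FROM category WHERE id = " + elemid
    return conn.execute(sql).fetchall()


_STRICT_INT = re.compile(r"[0-9]+")


def lookup_hardened(conn: sqlite3.Connection, elemid: str) -> list:
    # Reject anything that is not a bare decimal integer before it reaches
    # the database, then bind the value as a parameter instead of a string.
    if not _STRICT_INT.fullmatch(elemid):
        raise ValueError(f"elemid must be a decimal integer, got {elemid!r}")
    sql = "SELECT id, label FROM category WHERE id = ?"
    return conn.execute(sql, (int(elemid),)).fetchall()


def probe(lookup, elemid: str) -> tuple:
    """Run one lookup on a fresh database and return ('rows', count) or
    ('error', exception class name) so both behaviours can be compared."""
    conn = make_db()
    try:
        return ("rows", len(lookup(conn, elemid)))
    except (sqlite3.Error, ValueError) as exc:
        return ("error", type(exc).__name__)
    finally:
        conn.close()


# Payloads of the kinds the advisory mentions (constructed examples).
PAYLOADS = {
    "benign": "1",
    "boolean": "1 OR 1=1",           # widens the WHERE clause to every row
    "error_based": "1'",             # unbalanced quote -> database error in response
    "time_based": "1 AND SLEEP(5)",  # MySQL only: response delayed if condition holds
}

if __name__ == "__main__":
    for name, payload in PAYLOADS.items():
        print(f"{name:12} vulnerable={probe(lookup_vulnerable, payload)} "
              f"hardened={probe(lookup_hardened, payload)}")
```

Running the block prints one line per payload: the vulnerable lookup returns every row for the boolean payload and raises a database error for the unbalanced quote (the signal an error-based probe looks for), while the hardened lookup rejects every non-integer value with a ValueError before any SQL is built, so neither the error nor the timing channel is reachable.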

Added: Feb 22, 2026, 2:19 PM
Updated: Feb 22, 2026, 2:19 PM

Vulnerability Rating

Custom Algorithm

spread: 5.0
impact: 2.5
exploitability: 9.5
remediation: 0.0
relevance: 3.1
threat: 6.4
urgency: 2.9
incentive: 8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.