CVE-2022-0174

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions dolibarr (affected versions not specified)

Description The issue concerns an improper validation of specified quantity in input, leading to business logic errors. This occurs because the application does not check the input of price numbers, allowing for negative price amounts to be processed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1284CWE-20

Related Identifiers

BIT-DOLIBARR-2022-0174

CVE-2022-0174

GHSA-8QVX-F5GF-G43V

Affected Products

Dolibarr

CVE-2022-0174

Weakness Enumeration

Related Identifiers

Affected Products

References · 12