Proactive Insights and Support For Open-Source Applications

ERP

    3 Mar 2025 Business and Enterprise Solutions
    Odoo: Improper Access Control in OAuth Module Allows Internal User to Export OAuth Tokens

    In Odoo Community version 15.0 and Odoo Enterprise version 15.0, a high-severity vulnerability, CVE-2024-12368, was detected. This vulnerability allows an internal user to export the OAuth tokens of other users. There is currently no fixed version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-12368.

    28 Feb 2025 Business and Enterprise Solutions
    Odoo: Improper Access Control

    In Odoo Community version 17.0 and Odoo Enterprise version 17.0, a high-severity vulnerability, CVE-2024-36259, was detected. This vulnerability allows remote authenticated attackers to extract sensitive information via an oracle-based (yes/no response) crafted attack. There is currently no fixed version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-36259.

    28 Jan 2025 Business and Enterprise Solutions
    Dolibarr: Cross-Site Scripting (XSS) Vulnerability in Product Module

    In Dolibarr version 21.0.0-beta, a medium-severity vulnerability, CVE-2024-55228, was detected. This vulnerability allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the Title parameter of the Product module. There is currently no fixed version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-55228.

    21 Nov 2024 Business and Enterprise Solutions
    Dolibarr: Unauthorized Access to Sensitive Reception Details

    In Dolibarr versions prior to 15.0.0, a medium-severity vulnerability, CVE-2021-3991, was found. This vulnerability lets attackers view sensitive reception details by accessing specific URLs without proper permissions. To fix this issue, users are advised to upgrade to version 15.0.0 or above. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2021-3991.

    25 Jul 2024 Business and Enterprise Solutions
    Dolibarr: Remote Code Execution Vulnerability

    In Dolibarr ERP CRM versions before 19.0.2-php8.2, a high-severity vulnerability, CVE-2024-40137, was detected. A flaw in the Computed field parameter of the Users Module Setup allows remote code execution. It is fixed in version 19.0.2-php8.2 and later. If you can’t update, disable the function, restrict access, enforce strong access controls, monitor activity, conduct a security audit, and use network segmentation to limit movement. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-40137.

    22 Jun 2024 Business and Enterprise Solutions
    Dolibarr: The vulnerability allows attackers to execute arbitrary code via uploading a crafted SQL file.

    In Dolibarr version 19.0.1, a low-severity vulnerability, CVE-2024-37821, was detected. This vulnerability allows attackers to execute arbitrary code by uploading a crafted SQL file. There is no fix for this yet. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-37821/.

    12 Jun 2024 Business and Enterprise Solutions
    Dolibarr: Security Flaw in Payment Module

    In Dolibarr versions before 19.0.2, a low-severity vulnerability, CVE-2024-34051, was detected. This flaw allows attackers to execute harmful scripts through the “facid” parameter on the payment card page. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-34051/.

    12 Jun 2024 Business and Enterprise Solutions
    Dolibarr: Vulnerability Enables Unauthorized Database Access

    In Dolibarr version 9.0.1, a critical-severity vulnerability, CVE-2024-5315, was detected. This issue in ERP-CRM could let attackers access database information through a vulnerable parameter. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-5315/.

    23 Apr 2024 Business and Enterprise Solutions
    Dolibarr: Enables Network Access and Code Execution During Installation

    In Dolibarr, a critical security vulnerability, CVE-2024-29477, was detected. This vulnerability allows attackers to access your network and execute malicious code during installation. The issue is resolved in Dolibarr version 19.0.1 or newer. For more information, visit https://avd.aquasec.com/nvd/2024/cve-2024-29477.
