CVE-2018-19998

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt