CVE-2017-7886by Jeremyin Security Bulletinson Posted on May 10, 2017 Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter.