Описание
Dolibarr CRM before 11.0.5 allows privilege escalation. This could allow remote authenticated attackers to upload arbitrary files via societe/document.php in which "disabled" is changed to "enabled" in the HTML source code.
Ссылки
- Release NotesThird Party Advisory
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 11.0.5 (исключая)
cpe:2.3:a:dolibarr:dolibarr:*:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.0015
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.5
ubuntu
почти 5 лет назад
Dolibarr CRM before 11.0.5 allows privilege escalation. This could allow remote authenticated attackers to upload arbitrary files via societe/document.php in which "disabled" is changed to "enabled" in the HTML source code.
CVSS3: 6.5
debian
почти 5 лет назад
Dolibarr CRM before 11.0.5 allows privilege escalation. This could all ...
EPSS
Процентиль: 36%
0.0015
Низкий
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
NVD-CWE-noinfo