Описание
Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
10
Ссылки на источники
8.8 High
CVSS3
Связанные уязвимости
CVSS3: 8.8
nvd
больше 2 лет назад
Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.
CVSS3: 8.8
debian
больше 2 лет назад
Dolibarr before 17.0.1 allows remote code execution by an authenticate ...
CVSS3: 8.8
github
больше 2 лет назад
Dolibarr vulnerable to remote code execution via uppercase manipulation
8.8 High
CVSS3