Lucene search
MitreCVE-2024-37821HistoryJun 18, 2024 - 8:15 p.m.
CVE-2024-37821
2024-06-1820:15:13
CWE-94
mitre
web.nvd.nist.gov
24
arbitrary file upload
dolibarr erp crm
cve-2024-37821
sql file
code execution
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8
Confidence
Low
EPSS
0
Percentile
9.0%
An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL file.
Related
ubuntucve
ubuntucve
CVE-2024-37821
2024-06-18 00:00:00
cvelist
cvelist
CVE-2024-37821
2024-06-18 00:00:00
nvd
nvd
CVE-2024-37821
2024-06-18 20:15:13
vulnrichment
vulnrichment
CVE-2024-37821
2024-06-18 00:00:00
github
github
Dolibarr arbitrary file upload vulnerability
2024-06-18 21:30:36
veracode
veracode
Arbitrary Code Execution
2024-06-19 06:36:47
osv
osv
Dolibarr arbitrary file upload vulnerability
2024-06-18 21:30:36
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8
Confidence
Low
EPSS
0
Percentile
9.0%
Related for CVE-2024-37821