Lucene search
GitHub Advisory DatabaseGHSA-42QM-C3CF-9WV2HistoryMar 03, 2022 - 12:00 a.m.
Code injection in dolibarr/dolibarr
2022-03-0300:00:49
CWE-94
GitHub Advisory Database
github.com
18
0.002 Low
EPSS
Percentile
58.2%
Improper php function sanitization, lead to an ability to inject arbitrary PHP code and run arbitrary commands on file system. In the function “dol_eval” in file “dolibarr/htdocs/core/lib/functions.lib.php” dangerous PHP functions are sanitized using “str_replace” and can be bypassed using following code in $s parameter
| CPE | Name | Operator | Version |
|---|---|---|---|
| dolibarr/dolibarr | lt | 15.0.1 |
Related
osv
osv
Code injection in dolibarr/dolibarr
2022-03-03 00:00:49
CVE-2022-0819
2022-03-02 16:15:07
veracode
veracode
Remote Code Execution
2022-03-03 09:30:37
cvelist
cvelist
CVE-2022-0819 Code Injection in dolibarr/dolibarr
2022-03-02 15:40:13
cve
cve
CVE-2022-0819
2022-03-02 16:15:00
ubuntucve
ubuntucve
CVE-2022-0819
2022-03-02 00:00:00
prion
prion
Code injection
2022-03-02 16:15:00
checkpoint_advisories
checkpoint_advisories
Dolibarr ERP and CRM Code Injection (CVE-2022-0819)
2022-10-31 00:00:00
huntr
huntr
Code Injection
2022-02-28 12:49:49