5 matches found
Dolibarr Unauthenticated Contacts Database Theft
An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists. id: CVE-2023-33568 info: name: Dolibarr Unauthenticated Contacts Database Theft...
Linux Distros Unpatched Vulnerability : CVE-2023-33568
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects,...
CVE-2023-33568
An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists...
CVE-2023-33568
Dolibarr 16.x before 16.0.5 is affected. An unauthenticated remote attacker can trigger a database dump and access the company’s entire contacts data (customers, prospects, suppliers, and employees) if a contact file exists. Root cause is insufficient access control leading to pre-auth data expos...
CVE-2023-33568
creationtimestamp| type| source ---|---|--- 2023-05-30 15:27:30+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/dolibarr16contactdump.rb 2023-06-13 18:15:40+00:00| seen| https://t.me/cibsecurity/65161 2023-06-20 08:10:54+00:00|...