10 matches found
CVE-2019-25257
CVE-2019-25257 affects LogicalDOC Enterprise 7.7.4. The vulnerability arises from insufficient validation of binary paths when modifying system settings, allowing authenticated users to manipulate configuration parameters (e.g., antivirus.command, ocr.Tesseract.path) to execute arbitrary OS comma...
CVE-2019-25257 LogicalDOC Enterprise 7.7.4 Authenticated Command Execution via Binary Path Manipulation
LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command,...
PT-2025-53343
Name of the Vulnerable Software and Affected Versions LogicalDOC Enterprise version 7.7.4 Description The software contains multiple authenticated operating system command execution flaws. These flaws permit attackers to manipulate binary paths when altering system settings. Exploitation involves...
EUVD-2025-1872
Malicious code in bioql PyPI...
Dolibarr 7.0.0 Admin Panel Remote Code Execution
CVE-2018-10092 Dolibarr admin panel authenticated Remote Code Execution RCE vulnerability Description Dolibarr is an "Open Source ERP & CRM for Business" used by many companies worldwide. It is available through GitHub or as distribution packages e.g .deb package. Threat By tricking a logged-in...
CVE-2018-10092
The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads...
CVE-2018-10092
The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads...
CVE-2018-10092
The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads...
CVE-2018-10092
The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads...
Remote Code Execution (RCE)
dolibarr/dolibarr is susceptible to remote code execution RCE. The vulnerability can be triggered because it grants authentication and replaces an antivirus command with a malicious payload once the administrator is tricked to click a malicious link...