Lucene search
K

7 matches found

NVD
NVD
added 2020/12/23 3:15 p.m.29 views

CVE-2020-35136

Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An attacker who has the access the admin dashboard can manipulate the backup function by inserting a payload into the filename for the zipfilenametemplate parameter to admin/tools/dolibarrexport.php...

9CVSS7AI score0.06361EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2020/12/23 3:15 p.m.22 views

CVE-2020-35136

Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An attacker who has the access the admin dashboard can manipulate the backup function by inserting a payload into the filename for the zipfilenametemplate parameter to admin/tools/dolibarrexport.php...

9CVSS7.1AI score0.06361EPSS
Exploits1References5
OSV
OSV
added 2020/12/23 3:15 p.m.2 views

UBUNTU-CVE-2020-35136

Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An attacker who has the access the admin dashboard can manipulate the backup function by inserting a payload into the filename for the zipfilenametemplate parameter to admin/tools/dolibarrexport.php...

7.2CVSS7.1AI score0.06361EPSS
Exploits1References6
Cvelist
Cvelist
added 2020/12/23 2:39 p.m.30 views

CVE-2020-35136

Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An attacker who has the access the admin dashboard can manipulate the backup function by inserting a payload into the filename for the zipfilenametemplate parameter to admin/tools/dolibarrexport.php...

7AI score0.06361EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2020/12/23 12:0 a.m.3 views

PT-2020-17266 · Dolibarr · Dolibarr

Name of the Vulnerable Software and Affected Versions: Dolibarr version 12.0.3 Description: The issue allows for authenticated Remote Code Execution. An attacker with access to the admin dashboard can exploit the backup function by inserting a payload into the zipfilename template parameter in th...

9CVSS7.2AI score0.06361EPSS
Exploits1References13
Exploit DB
Exploit DB
added 2020/12/11 12:0 a.m.721 views

Dolibarr 12.0.3 - SQLi to RCE

Exploit Title: Dolibarr 12.0.3 - SQLi to RCE Date: 2/12/2020 Exploit Author: coiffeur Write Up: https://therealcoiffeur.github.io/c10010, https://therealcoiffeur.github.io/c10011 Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads.php,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/12/11 12:0 a.m.569 views

Dolibarr 12.0.3 SQL Injection / Remote Code Execution

Exploit Title: Dolibarr 12.0.3, SQLi to RCE Date: 2/12/2020 Exploit Author: coiffeur Write Up: https://therealcoiffeur.github.io/c10010, https://therealcoiffeur.github.io/c10011 Vendor Homepage: https://www.dolibarr.org/ Software Link: https://www.dolibarr.org/downloads.php,...

0.5AI score
Exploits0
Rows per page
Query Builder