Lucene search
K

4 matches found

CVE
CVE
added 2026/05/23 6:32 p.m.39 views

CVE-2018-25357

Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability. An unauthenticated attacker can inject PHP into the db_name parameter via a POST to install/step1.php , then trigger code execution through the check.php endpoint using the cmd parameter. The CVE documents indicate a critical ...

9.8CVSS6.7AI score0.01701EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/23 6:32 p.m.10 views

CVE-2018-25357

Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then...

9.8CVSS6.7AI score0.01701EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/23 6:32 p.m.22 views

CVE-2018-25357 Dolibarr ERP CRM 7.0.3 Remote Code Execution via install/step1.php

Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then...

9.8CVSS0.01701EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/23 6:32 p.m.8 views

CVE-2018-25357 Dolibarr ERP CRM 7.0.3 Remote Code Execution via install/step1.php

Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then...

9.8CVSS6.7AI score0.01701EPSS
Exploits1References4
Rows per page
Query Builder