CVE-2018-25357

Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then...

PT-2023-15121 · Unknown · Revenue Collection System

Name of the Vulnerable Software and Affected Versions: Revenue Collection System version 1.0 Description: The issue is related to a SQL injection vulnerability. It affects the step1.php endpoint. Recommendations: For Revenue Collection System version 1.0, consider disabling access to the step1.ph...