Description
There is a sensitive information disclosure vulnerability in document.php in Dolibarr ERP/CRM version 6.0.0 via the file parameter.
Remediation
References
Related Vulnerabilities
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5383)
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-7537)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1836)
WordPress 4.4.x Cross-Domain Flash Injection Vulnerability (4.4 - 4.4.13)
WordPress Plugin WordPress Download Manager Cross-Site Request Forgery (2.8.99)