Description

Lack of sanitization during Installation Process in Dolibarr ERP CRM up to version 19.0.0 allows an attacker with adjacent access to the network to execute arbitrary code via a specifically crafted input.

Remediation

References

CVE-2024-29477

Related Vulnerabilities

WordPress Plugin Namaste! LMS Cross-Site Scripting (2.5.9.4)

SharePoint CVE-2020-1583 Vulnerability (CVE-2020-1583)

WordPress Plugin SendPress Newsletters Cross-Site Scripting (1.20.7.10)

OpenSSL Missing Encryption of Sensitive Data Vulnerability (CVE-2019-1547)

Oracle Database Server CVE-2008-0340 Vulnerability (CVE-2008-0340)

Severity

High

Classification

CVE-2024-29477 CWE-94 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities