Description
Dolibarr CRM before 11.0.5 allows privilege escalation. A remote authenticated attacker can upload arbitrary files via societe/document.php by changing "disabled" to "enabled" in the HTML source code.
Remediation
References