Description

The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads.

Remediation

References

CVE-2018-10092

Related Vulnerabilities

MediaWiki CVE-2023-22909 Vulnerability (CVE-2023-22909)

PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-2748)

Apache HTTP Server Other Vulnerability (CVE-2003-0020)

WordPress Plugin ClickSold IDX Cross-Site Scripting (1.48)

WordPress Plugin Titan Anti-spam & Security Cross-Site Scripting (4.1)

Severity

High

Classification

CVE-2018-10092 CWE-862 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities