Description
Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context of the vulnerable application.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Download Codes Cross-Site Scripting (2.5.1)
WordPress Plugin YITH WooCommerce Ajax Search Unspecified Vulnerability (1.2.7)
phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-2505)
WordPress Plugin Calendar Event Multi View Multiple SQL Injection Vulnerabilities (1.1.7)