Description
File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to execute arbitrary code and obtain sensitive information via the extension filtering and renaming functions.
Remediation
References
Related Vulnerabilities
WordPress Plugin Breadcrumbs by menu Multiple Vulnerabilities (1.0.1)
WordPress Plugin IMPress for IDX Broker Cross-Site Scripting (3.0.5)
WordPress Plugin Clean Login Cross-Site Request Forgery (1.7.12)
IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-7449)