Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Dolibarr CRM before 11.0.5 allows privilege escalation. This could allow remote authenticated attackers to upload arbitrary files via societe/document.php in which "disabled" is changed to "enabled" in the HTML source code.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dolibarr CRM 安全漏洞
Vulnerability Description
Dolibarr ERP/CRM是法国Dolibarr基金会的一套基于Web的企业资源计划(ERP)和客户关系管理(CRM)系统。该系统可用来管理产品、库存、发票、订单等。 Dolibarr CRM before 11.0.5 存在安全漏洞,该漏洞允许经过身份验证的远程攻击者通过societe/document.php上传任意文件,其中HTML源代码中的“ disabled”更改为“enabled”。
CVSS Information
N/A
Vulnerability Type
N/A