漏洞描述
Dolibarr ERP CRM存在命令注入漏洞,该漏洞是由于export.php对用户的请求缺乏验证。
Dolibarr ERP CRM export.php 命令注入漏洞
PoC代码
暂无相关漏洞推荐
- POCCVE-2012-1226: Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities
- POCCVE-2018-10095: Dolibarr <7.0.2 - Cross-Site Scripting
- POCCVE-2023-33568: Dolibarr Unauthenticated Contacts Database Theft
- POCCVE-2024-5315: Dolibarr ERP CMS `list.php` - SQL Injection
- POCCVE-2012-1226: Dolibarr ERP/CRM 3.2 Alpha - Multiple Directory Traversal Vulnerabilities
- POCCVE-2018-10095: Dolibarr <7.0.2 - Cross-Site Scripting
- POCCVE-2023-33568: Dolibarr Unauthenticated Contacts Database Theft
- POCCVE-2024-5315: Dolibarr ERP CMS `list.php` - SQL Injection
- 无POCDolibarr ERP和CRM套件菜单编辑器dol_eval函数代码注入漏洞
- 无POCDolibarr CVE-2022-0224 SQL注入漏洞
- 无POCDolibarr存在信息泄漏漏洞(CVE-2023-33568)
- 无POCDolibarr edit.php 远程命令执行漏洞 (CVE-2022-40871)