Arbitrary Command Execution in Dolibarr Admin Panel

Arbitrary Command Execution in Dolibarr Admin Panel

CVE-2018-10092 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads.

Learn more about our Web Application Penetration Testing UK.