Description

The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads.

Remediation

References

CVE-2018-10092

Related Vulnerabilities

WebLogic CVE-2021-1995 Vulnerability (CVE-2021-1995)

WordPress Plugin Pagination by BestWebSoft Cross-Site Scripting (1.0.6)

WordPress Plugin Gmedia Photo Gallery Multiple Vulnerabilities (1.6.4)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-0372)

WordPress 3.7.x Arbitrary File Deletion Vulnerability (3.7 - 3.7.26)

Severity

High

Classification

CVE-2018-10092 CWE-862 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities