Description
Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context of the vulnerable application.
Remediation
References
Related Vulnerabilities
Envoy Proxy Origin Validation Error Vulnerability (CVE-2020-15104)
WordPress Plugin SH Slideshow 'ajax.php' SQL Injection (3.1.4)
Python Use After Free Vulnerability (CVE-2022-48560)
PHP Numeric Errors Vulnerability (CVE-2016-4344)
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-0815)