Vendor
high
threat
Dolibarr ERP/CRM OS Command Injection (CVE-2023-30253) Exploit Publicly Available
2 rules 1 TTP 1 CVE 2 IOCsA public exploit is available for an OS Command Injection vulnerability in Dolibarr ERP/CRM versions prior to 17.0.1 (CVE-2023-30253), which allows authenticated users to inject PHP code via the Website/CMS module to obtain a reverse shell as the www-data user.
Dolibarr ERP/CRM < 17.0.1
cve-2023-30253
os command injection
rce
web application
2r
1t
1c
2i
critical
advisory
Dolibarr ERP CRM 7.0.3 Remote Code Execution via install/step1.php
2 rules 2 TTPs 1 CVEDolibarr ERP CRM 7.0.3 is vulnerable to remote code evaluation, allowing unauthenticated attackers to execute arbitrary code by injecting PHP code through the db_name parameter, leading to arbitrary command execution.
Dolibarr ERP CRM 7.0.3
cve-2018-25357
rce
code-injection
web-application
2r
2t
1c