Lucene search
MitreCVE-2023-30253HistoryMay 29, 2023 - 9:15 p.m.
CVE-2023-30253
2023-05-2921:15:09
CWE-78
mitre
web.nvd.nist.gov
67
dolibarr
remote code execution
authenticated user
cve-2023-30253
nvd
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.012
Percentile
85.4%
Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.
Affected configurations
Node
dolibarrdolibarr_erp\/crmRange<17.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dolibarr | dolibarr_erp\/crm | * | cpe:2.3:a:dolibarr:dolibarr_erp\/crm:*:*:*:*:*:*:*:* |
Related
veracode
veracode
Code Injection
2023-06-06 07:21:37
prion
prion
Remote code execution
2023-05-29 21:15:00
github
github
Dolibarr vulnerable to remote code execution via uppercase manipulation
2023-05-29 21:30:17
cvelist
cvelist
CVE-2023-30253
2023-05-29 00:00:00
nvd
nvd
CVE-2023-30253
2023-05-29 21:15:09
githubexploit
githubexploit
Exploit for OS Command Injection in Dolibarr Dolibarr Erp/Crm
2024-06-24 16:22:31
Exploit for OS Command Injection in Dolibarr Dolibarr Erp/Crm
2024-06-21 01:41:34
Exploit for OS Command Injection in Dolibarr Dolibarr Erp/Crm
2024-05-27 11:00:43
osv
osv
Dolibarr vulnerable to remote code execution via uppercase manipulation
2023-05-29 21:30:17
CVE-2023-30253
2023-05-29 21:15:09
ubuntucve
ubuntucve
CVE-2023-30253
2024-08-05 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.8
Confidence
High
EPSS
0.012
Percentile
85.4%
Related for CVE-2023-30253