Lucene search
Ubuntu.comUB:CVE-2024-37821HistoryJun 18, 2024 - 12:00 a.m.
CVE-2024-37821
2024-06-1800:00:00
ubuntu.com
ubuntu.com
arbitrary file upload
dolibarr erp crm
cve-2024-37821
sql file
unix
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
An arbitrary file upload vulnerability in the Upload Template function of
Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code
via uploading a crafted .SQL file.
Related
cvelist
cvelist
CVE-2024-37821
2024-06-18 00:00:00
nvd
nvd
CVE-2024-37821
2024-06-18 20:15:13
github
github
Dolibarr arbitrary file upload vulnerability
2024-06-18 21:30:36
cve
cve
CVE-2024-37821
2024-06-18 20:15:13
osv
osv
Dolibarr arbitrary file upload vulnerability
2024-06-18 21:30:36
veracode
veracode
Arbitrary Code Execution
2024-06-19 06:36:47
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
Related for UB:CVE-2024-37821