Dolibarr/dolibarr is vulnerable to command injection. A lack of validation in the $command
parameter allows a remote attacker to submit characters that can be used to bypass escapeshellarg
and inject arbitrary commands into the affected parameter.