Vulnerability Database

299,879

Total vulnerabilities in the database

CVE-2012-10059

Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sql_compat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code execution on the server.

No technical information available.

CWEs:

OWASP TOP 10:

No affected software listed.