Filtered by vendor Dolibarr Subscriptions
Filtered by product Dolibarr Erp/crm Subscriptions

Search

Switch to Advanced Search (Beta)
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-10059 1 Dolibarr 2 Dolibarr, Dolibarr Erp/crm 2025-08-16 N/A
Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sql_compat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code execution on the server.