Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then execute commands via the check.php endpoint using the cmd GET parameter.
{
"source": "CPE_RANGE",
"cpe": "cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "7.0.3"
}
]
}