High severityNVD Advisory· Published Jun 18, 2024· Updated Aug 2, 2024
CVE-2024-37821
CVE-2024-37821
Description
An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
dolibarr/dolibarrPackagist | < 19.0.2 | 19.0.2 |
Affected products
3- Dolibarr/ERP CRMdescription
- osv-coords2 versions
< 19.0.2+ 1 more
- (no CPE)range: < 19.0.2
- (no CPE)range: < 19.0.2
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-p7r8-7w87-8g46ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-37821ghsaADVISORY
- dolibarr.comghsaWEB
- github.com/alexbsec/CVEs/blob/master/2024/CVE-2024-37821.mdghsaWEB
News mentions
0No linked articles in our index yet.