Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2023-33568

Published: 13/06/2023 Updated: 23/06/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Dolibarr Erp\/crm

Vulnerability Summary

An issue in Dolibarr 16 prior to 16.0.5 allows unauthenticated malicious users to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dolibarr dolibarr erp\\/crm

References

CWE-552https://www.dsecbypass.com/en/dolibarr-pre-auth-contact-database-dump/https://www.dolibarr.org/forum/t/dolibarr-16-0-security-breach/23471https://github.com/Dolibarr/dolibarr/commit/bb7b69ef43673ed403436eac05e0bc31d5033ff7https://www.dolibarr.org/forum/t/dolibarr-16-0-security-breach/23471/1https://github.com/Dolibarr/dolibarr/commit/be82f51f68d738cce205f4ce5b469ef42ed82d9ehttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook