CVE-2018-10092: Command Injection

May 22, 2018 (updated October 3, 2019)

The admin panel in Dolibarr might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads.

References

nvd.nist.gov/vuln/detail/CVE-2018-10092

Code Behaviors & Features

Detect and mitigate CVE-2018-10092 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →