Poh Jia Hao (STAR Labs SG Pte. Ltd.)

1 exploit Active since Nov 2023
CVE-2023-4197 NOMISEC HIGH WORKING POC
Dolibarr ERP CRM <= 18.0.1 - Remote Code Execution via Website Input
Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an attacker to inject and evaluate arbitrary PHP code.
CVSS 7.5