Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-14201

EPSS 0.15% · P35
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-14201

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Dolibarr CRM before 11.0.5 allows privilege escalation. This could allow remote authenticated attackers to upload arbitrary files via societe/document.php in which "disabled" is changed to "enabled" in the HTML source code.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Dolibarr CRM 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Dolibarr ERP/CRM是法国Dolibarr基金会的一套基于Web的企业资源计划(ERP)和客户关系管理(CRM)系统。该系统可用来管理产品、库存、发票、订单等。 Dolibarr CRM before 11.0.5 存在安全漏洞,该漏洞允许经过身份验证的远程攻击者通过societe/document.php上传任意文件,其中HTML源代码中的“ disabled”更改为“enabled”。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2020-14201

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-14201

登录查看更多情报信息。

Same Patch Batch · n/a · 2020-08-21 · 48 CVEs total

CVE-2020-245899.1 CRITICALWSO2 API Manager 安全漏洞
CVE-2020-245909.1 CRITICALWSO2 API Manager 安全漏洞
CVE-2019-118579.1 CRITICALALEOS AceManager Information Disclosure
CVE-2019-118628.1 HIGHALEOS SSH Service Allows Traffic Proxying
CVE-2020-77108.1 HIGHSandbox Escape
CVE-2019-118558.1 HIGHALEOS LAN-Side RPC Server
CVE-2019-118477.3 HIGHALEOS User Root Shell Escalation
CVE-2020-245916.5 MEDIUMWSO2 多款产品代码问题漏洞
CVE-2019-118496.3 MEDIUMALEOS AT API Stack Overflow
CVE-2019-118506.3 MEDIUMALEOS AT Command Stack Overflow
CVE-2020-158586.2 MEDIUMThales DIS 路径遍历漏洞
CVE-2019-118596.0 MEDIUMALEOS SMS Handler Buffer Overflow
CVE-2019-118585.7 MEDIUMALEOS Multiple Web UI vulnerabilities
CVE-2019-118484.1 MEDIUMALEOS AT Command API Abuse
CVE-2019-118533.9 LOWALEOS AT Command Injections
CVE-2019-118523.7 LOWALEOS ACEView Service Out-Of-Bounds Read
CVE-2019-118563.3 LOWALEOS ACEView Message Replay
CVE-2020-20633WordPress 跨站脚本漏洞
CVE-2020-5775Canvas LMS 代码问题漏洞
CVE-2020-20634Elementor WordPress 安全漏洞

Showing top 20 of 48 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2020-14201

No comments yet

Leave a comment