Security Advisory

CVE-2012-10059

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-13 20:33:50

Last updated 2026-04-07 14:02:51

Assigner VulnCheck

State PUBLISHED

Description

Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection vulnerability in its database backup feature. The export.php script fails to sanitize the sql_compat parameter, allowing authenticated users to inject arbitrary system commands, resulting in remote code execution on the server.

← Browse all CVEs View on cve.org ↗