2017-12-24 18:00:00
mitre
PUBLISHED
Dolibarr ERP/CRM version 6.0.4 does not block direct requests to *.tpl.php files, which allows remote attackers to obtain sensitive information.