dolibarr-foundation-board
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Dolibarr-foundation-board] A voir pour version 3.2

From: Régis Houssin
Subject: Re: [Dolibarr-foundation-board] A voir pour version 3.2
Date: Mon, 09 Apr 2012 21:49:51 +0200
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:11.0) Gecko/20120327 Thunderbird/11.0.1 
Hi

http://packetstormsecurity.org/files/111652/Dolibarr-ERP-CRM-OS-Command-Injection.html

i see your proof of concept and i don't uderstand,
how do you manage to ignore the fact that it must be an administrator to
access this page?

/dolibarr/admin/tools/export.php

and do you use a tool to test and find faults?

Thank you


Le 09/04/12 21:12, address@hidden a écrit :
> Salut à tous,
> 
> J'ai trouvé ceci ce soir : comme je ne sais pas trop à qui l'envoyer ..
> 
> http://www.linux-backtrack.com/2012/04/dolibarr-erp-crm-os-command-injection/
> 
> 
> @+
> 
> Jean
> 

Cordialement,
-- 
Régis Houssin
---------------------------------------------------------
Cap-Networks
Cidex 1130
34, route de Gigny
71240 MARNAY
FRANCE
VoIP: +33 1 83 62 40 03
GSM: +33 6 33 02 07 97
Web: http://www.cap-networks.com/
Email: address@hidden

Dolibarr developer: address@hidden
Web Portal: http://www.dolibarr.fr/
SaaS offers: http://www.dolibox.fr/
Shop: http://www.dolistore.com/
Development platform: https://doliforge.org/
---------------------------------------------------------
reply via email to
[Prev in Thread] Current Thread [Next in Thread]