Security for everyone

CVE-2012-1226 Scanner

Detects 'Directory Traversal' vulnerability in Dolibarr CMS affects v. 3.2.0 Alpha.

SCAN NOW

Short Info


Level

High

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

CVE-2012-1226 Scanner Detail

Dolibarr CMS is an open-source, web-based software used for managing small and medium-sized businesses. The software offers a range of features, including human resources management, invoicing, customer relationship management, and more. It is easily customizable and can be extended with add-on modules from the Dolistore. Dolibarr is designed to simplify management tasks for small businesses and reduce the costs associated with running a complex management system.

The CVE-2012-1226 vulnerability is a serious security flaw found in Dolibarr CMS version 3.2.0 Alpha. The vulnerability allows remote attackers to read arbitrary files and possibly execute arbitrary code through directory traversal attacks. The flaw can be triggered through two parameters: the "file" parameter in document.php and the "backtopage" parameter in the create action to comm/action/fiche.php. An attacker can exploit this vulnerability by inserting ".." (dot dot) into the file path, allowing them to access files outside of the intended directory.

When exploited, the vulnerability can lead to the exposure of sensitive data, including user credentials, intellectual property, and financial information. In some cases, an attacker can gain full control of the system and execute arbitrary code to further exploit the vulnerability. The consequences of a successful attack can be catastrophic, resulting in reputation damage, financial loss, and loss of customer trust.

Thanks to the pro features of the securityforeveryone.com platform, businesses can easily and quickly learn about vulnerabilities in their digital assets, protect against them, and mitigate the risks of cyber attacks. By staying informed and taking proactive security measures, businesses can reduce their vulnerability to security flaws like CVE-2012-1226 and protect their valuable data and assets.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture