201 matches found
WordPress Plugin SP Client Document Manager 2.4.1 - SQL Injection
Vulnerability title: Multi SQL Injection in SP Client Document Manager plugin CVE: N/A Vendor: http://smartypantsplugins.com Plugin: SP Client Document Manager Download link: https://wordpress.org/plugins/sp-client-document-manager/ Affected version: version 2.4.1 and previous version Google dork...
Omnistar Document Manager 8.0 - Multiple Vulnerabilities
No description provided by source. Title: ====== Omnistar Document Manager v8.0 - Multiple Vulnerabilities Date: ===== 2012-10-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=712 VL-ID: ===== 712 Common Vulnerability Scoring System: ==================================...
My PDF Creator And DE DM 1.4 LFI / File Upload
Document Title: =============== My PDF Creator & DE DM v1.4 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1201 Release Date: ============= 2014-02-16 Vulnerability Laboratory ID VL-ID: ====================================...
Omnistar Document Manager 8.0 - Multiple Vulnerabilities
Title: ====== Omnistar Document Manager v8.0 - Multiple Vulnerabilities Date: ===== 2012-10-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=712 VL-ID: ===== 712 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...
Omnistar Document Manager Software Multiple Vulnerabilities
Omnistar Document Manager Software is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Joomla! Component QuickFAQ 1.0.3 - Blind SQL Injection
----------------------------------------------------------------------------------------- Joomla Component comquickfaq BSQL-i Vulnerability ----------------------------------------------------------------------------------------- +Title Joomla Component comquickfaq BSQL-i Vulnerability +Author...
Document Manager Information Disclosure Vulnerability
The host is running Document Manager and is prone to Information Disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbdocumentmanagerinfodiscvuln.nasl 5306 2017-02-16 09:00:16Z teissa $ Document Manager Information Disclosure Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2010...
Document Manager Version Detection
This script finds the running Document Manager version. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Document Manager Information Disclosure Vulnerability
Document Manager is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Afian Document Manager Local File Inclusion
Afian is an application that can add, in just minutes, powerful document management capabilities to any Web server. It provides an Web-based interface for documents residing on the Web server's file system. This software has a secutity hole allow attackers download any files if they know the path...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Xythos Enterprise Document Manager XEDM before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to inject arbitrary web script or HTML via 1 a saved Workflow name; 2 a Workflow name, related to deletion of a Workflow template...
CVE-2007-3254
Multiple cross-site scripting XSS vulnerabilities in Xythos Enterprise Document Manager XEDM before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to inject arbitrary web script or HTML via 1 a saved Workflow name; 2 a Workflow name, related to deletion of a Workflow template...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Xythos Enterprise Document Manager XEDM before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to execute commands as arbitrary users via 1 a saved Workflow name or 2 the Content-Type HTTP header. NOTE: item 2 also...
CVE-2007-3256
Xythos Enterprise Document Manager XEDM, Digital Locker XDL, and possibly WebFile Server before 6.0.46.1 allow remote authenticated users to associate arbitrary Content-Type HTTP headers with documents, which might facilitate malware distribution...
CVE-2007-3255
Multiple cross-site request forgery CSRF vulnerabilities in Xythos Enterprise Document Manager XEDM before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to execute commands as arbitrary users via 1 a saved Workflow name or 2 the Content-Type HTTP header. NOTE: item 2 also...
CVE-2007-3255
CVE-2007-3255 affects Xythos Enterprise Document Manager (XEDM) and related products. Vulnerabilities allow remote authenticated users to perform actions as other users via CSRF: (1) a saved Workflow name and (2) Content-Type header manipulation. Affects XEDM <5.0.25.8 and 6.x
CVE-2007-3254
CVE-2007-3254 covers multiple stored and reflected XSS vulnerabilities in Xythos Enterprise Document Manager (XEDM) versions prior to 5.0.25.8 and 6.x prior to 6.0.46.1. The issues enable remote authenticated users to inject arbitrary HTML/JavaScript via (1) a saved Workflow name; (2) a Workflow ...
CVE-2007-3256
CVE-2007-3256 affects Xythos Enterprise Document Manager (XEDM), Xythos Digital Locker (XDL), and possibly WebFile Server prior to 6.0.46.1. The root issue is insufficient server-side validation of the Content-Type value set by remote authenticated users, allowing them to associate arbitrary Cont...
CVE-2007-3255
Multiple cross-site request forgery CSRF vulnerabilities in Xythos Enterprise Document Manager XEDM before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to execute commands as arbitrary users via 1 a saved Workflow name or 2 the Content-Type HTTP header. NOTE: item 2 also...
CVE-2007-3256
Xythos Enterprise Document Manager XEDM, Digital Locker XDL, and possibly WebFile Server before 6.0.46.1 allow remote authenticated users to associate arbitrary Content-Type HTTP headers with documents, which might facilitate malware distribution...