10 matches found
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...
CVE-2020-28727
Cross-site scripting XSS exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php...
CVE-2020-28727
SeedDMS 6.0.13 is affected by a cross-site scripting (XSS) vulnerability exploitable via the folderid parameter to views/bootstrap/class.DropFolderChooser.php. The issue arises from improper handling of user-controlled input in that parameter, enabling injected script when the affected page is lo...
SeedDMS Open Redirect Vulnerability
SeedDMS is a free document management system with an easy-to-use web-based user interface. An open redirection vulnerability exists in SeedDMS 6.0.13, which can be exploited by an attacker via the dropfolderfileform1 parameter of out/out.AddDocument.php to conduct an open redirection attack...
CVE-2020-28726
Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter to out/out.AddDocument.php...
CVE-2020-28726
Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter to out/out.AddDocument.php...
Open redirect
Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter to out/out.AddDocument.php...
CVE-2020-28726
SeedDMS 6.0.13 is affected by an Open Redirect vulnerability. The issue occurs in out/out.AddDocument.php via the dropfolderfileform1 parameter, allowing redirection to an arbitrary URL. The CVE-2020-28726 entries consistently describe an open redirect in SeedDMS 6.0.13; no exploit specifics, aff...