Lucene search
K

8 matches found

securityvulns
securityvulns
added 2014/05/04 12:0 a.m.85 views

Multiple Vulnerabilities in OpenDocMan

Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Vendor Patch: February 24, 2014 Public...

7.5CVSS0.1AI score0.02582EPSS
Exploits8
NVD
NVD
added 2014/03/09 1:16 p.m.24 views

CVE-2014-1945

SQL injection vulnerability in ajaxudf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the addvalue parameter...

7.5CVSS8.2AI score0.01407EPSS
Exploits6References5
CVE
CVE
added 2014/03/07 8:0 p.m.238 views

CVE-2014-1945

OpenDocMan is affected by CVE-2014-1945: a SQL Injection in the ajax_udf.php script (parameter add_value) allows remote attackers to manipulate the database. Affected product/version: OpenDocMan before 1.2.7.2. Root cause: insufficient input validation in ajax_udf.php leading to arbitrary SQL exe...

7.5CVSS9AI score0.01407EPSS
Exploits6References5Affected Software1
Packet Storm
Packet Storm
added 2014/03/06 12:0 a.m.112 views

OpenDocMan 1.2.7 SQL Injection / Access Control

Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Vendor Patch: February 24, 2014 Public...

7.5CVSS0.6AI score0.02582EPSS
Exploits8
Exploit DB
Exploit DB
added 2014/03/05 12:0 a.m.134 views

OpenDocMan 1.2.7 - Multiple Vulnerabilities

Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Vendor Patch: February 24, 2014 Public...

8.8CVSS9AI score0.02582EPSS
Exploits8
0day.today
0day.today
added 2014/03/05 12:0 a.m.761 views

OpenDocMan 1.2.7 - Multiple Vulnerabilities

OpenDocMan versions 1.2.7 and below suffer from improper access control and remote SQL injection vulnerabilities. Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without...

7.5CVSS9.5AI score0.02582EPSS
Exploits8
exploitpack
exploitpack
added 2014/03/05 12:0 a.m.106 views

OpenDocMan 1.2.7 - Multiple Vulnerabilities

OpenDocMan 1.2.7 - Multiple Vulnerabilities Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12,...

7.5CVSS9AI score0.02582EPSS
Exploits8
htbridge
htbridge
added 2014/02/12 12:0 a.m.53 views

Multiple Vulnerabilities in OpenDocMan

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in OpenDocMan, which can be exploited to perform SQL Injection and gain administrative access to the application. 1 SQL Injection in OpenDocMan: CVE-2014-1945 The vulnerability exists due to insufficient validation of...

7.5CVSS9.7AI score0.02582EPSS
Exploits8Affected Software1
Rows per page
Query Builder