7 matches found
CVE-2014-1946
OpenDocMan vulnerability CVE-2014-1946 affects OpenDocMan versions 1.2.7 and earlier. The issue is improper access control in signup.php, where insufficient validation of allowed actions lets a remote authenticated user assign administrative privileges to their account. The advisory confirms the ...
Multiple Vulnerabilities in OpenDocMan
Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Vendor Patch: February 24, 2014 Public...
OpenDocMan 1.2.7 SQL Injection / Access Control
Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Vendor Patch: February 24, 2014 Public...
OpenDocMan 1.2.7 - Multiple Vulnerabilities
Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12, 2014 Vendor Patch: February 24, 2014 Public...
OpenDocMan 1.2.7 - Multiple Vulnerabilities
OpenDocMan versions 1.2.7 and below suffer from improper access control and remote SQL injection vulnerabilities. Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without...
OpenDocMan 1.2.7 - Multiple Vulnerabilities
OpenDocMan 1.2.7 - Multiple Vulnerabilities Advisory ID: HTB23202 Product: OpenDocMan Vendor: Free Document Management Software Vulnerable Versions: 1.2.7 and probably prior Tested Version: 1.2.7 Advisory Publication: February 12, 2014 without technical details Vendor Notification: February 12,...
Multiple Vulnerabilities in OpenDocMan
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in OpenDocMan, which can be exploited to perform SQL Injection and gain administrative access to the application. 1 SQL Injection in OpenDocMan: CVE-2014-1945 The vulnerability exists due to insufficient validation of...