Lucene search
K

4 matches found

CVE
CVE
added 2014/10/17 11:0 p.m.65 views

CVE-2014-2279

CVE-2014-2279 and CVE-2014-2278 affect SeedDMS (formerly LetoDMS/MyDMS) up to version 4.3.3. CVE-2014-2279: Directory traversal via logname in /out/out.LogManagement.php allows read access to arbitrary local files for remote authenticated users with LogManagement access. CVE-2014-2278: Unrestrict...

6.4CVSS7.4AI score0.05205EPSS
Exploits3References6Affected Software1
seebug.org
seebug.org
added 2014/03/20 12:0 a.m.30 views

SeedDMS 'out.LogManagement.php'目录遍历漏洞

Bugtraq ID:66256 CVE ID:CVE-2014-2279 SeedDMS是一个强大易用的文档管理系统。 SeedDMS /out/out.LogManagement.php脚本不正确过滤'logname'参数数据,允许攻击者利用漏洞提交目录遍历序列,以WEB权限查看系统文件内容。 0 SeedDMS 4.3.3 SeedDMS 4.3.4已经修复该漏洞,建议用户下载更新: https://sourceforge.net/projects/seeddms/files/seeddms-4.3.4/...

6.4CVSS6.6AI score0.05205EPSS
Exploits3
0day.today
0day.today
added 2014/03/15 12:0 a.m.46 views

SeedDMS XSS / Traversal / Shell Upload Vulnerabilities

SeedDMS versions prior to 4.3.4 suffer from cross site scripting, remote shell upload, and path traversal vulnerabilities. Product description: ============ SeedDMS is the continuation of LetoDMS because it has lost its main developer. SeedDMS is an easy to use but powerful Open Source Document...

6.4CVSS6.5AI score0.05205EPSS
Exploits4
Packet Storm
Packet Storm
added 2014/03/14 12:0 a.m.40 views

SeedDMS XSS / Traversal / Shell Upload

Product description: ============ SeedDMS is the continuation of LetoDMS because it has lost its main developer. SeedDMS is an easy to use but powerful Open Source Document Management System. http://www.seeddms.org/index.php?id=2 ============ SeedDMS Unprivileged User Remote Code Execution...

6.4CVSS0.05205EPSS
Exploits4
Rows per page
Query Builder