Lucene search
K

4 matches found

Cvelist
Cvelist
added 2014/03/20 4:0 p.m.22 views

CVE-2014-2280

Cross-site scripting XSS vulnerability in the search feature in SeedDMS formerly LetoDMS and MyDMS before 4.3.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter...

5.6AI score0.01952EPSS
Exploits2References5
CVE
CVE
added 2014/03/20 4:0 p.m.44 views

CVE-2014-2280

SeedDMS (formerly LetoDMS/MyDMS) before version 4.3.4 is affected by a reflected XSS in the search feature. The vulnerability arises from the query parameter used by the search, allowing attackers to inject arbitrary scripts/HTML that are returned without proper validation or sanitization. Public...

4.3CVSS5.8AI score0.01952EPSS
Exploits2References5Affected Software1
0day.today
0day.today
added 2014/03/15 12:0 a.m.46 views

SeedDMS XSS / Traversal / Shell Upload Vulnerabilities

SeedDMS versions prior to 4.3.4 suffer from cross site scripting, remote shell upload, and path traversal vulnerabilities. Product description: ============ SeedDMS is the continuation of LetoDMS because it has lost its main developer. SeedDMS is an easy to use but powerful Open Source Document...

6.4CVSS6.5AI score0.05205EPSS
Exploits4
Packet Storm
Packet Storm
added 2014/03/14 12:0 a.m.40 views

SeedDMS XSS / Traversal / Shell Upload

Product description: ============ SeedDMS is the continuation of LetoDMS because it has lost its main developer. SeedDMS is an easy to use but powerful Open Source Document Management System. http://www.seeddms.org/index.php?id=2 ============ SeedDMS Unprivileged User Remote Code Execution...

6.4CVSS0.05205EPSS
Exploits4
Rows per page
Query Builder