2 matches found
CVE-2018-12942
SQL injection vulnerability in the "Users management" functionality in SeedDMS formerly LetoDMS and MyDMS before 5.1.8 allows authenticated attackers to manipulate an SQL query within the application by sending additional SQL commands to the application server. An attacker can use this...
CVE-2018-12942
SeedDMS (formerly LetoDMS/MyDMS) contains a SQL injection vulnerability in the Users management feature affecting versions before 5.1.8 . The flaw allows authenticated attackers to manipulate SQL queries on the application server, enabling extraction, modification, or deletion of data in the back...