Lucene search
K

138 matches found

Vulnrichment
Vulnrichment
added 2025/08/05 8:2 p.m.3 views

CVE-2013-10066 Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload

An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint usersadd.php that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP...

10CVSS7.7AI score0.01154EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/08/05 12:0 a.m.3 views

Kordil EDMS 安全漏洞

Kordil EDMS is an open source electronic document management system from the Turkish company Kordil. The system supports features such as document management and document control. A security vulnerability exists in Kordil EDMS version v2.2.60rc3, which stems from an unvalidated uploaded file type...

10CVSS7.8AI score0.01154EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/08/05 12:0 a.m.6 views

PT-2025-31990 · Unknown · Kordil Edms

Name of the Vulnerable Software and Affected Versions: Kordil EDMS version 2.2.60rc3 Description: An unauthenticated arbitrary file upload vulnerability exists in the application. The application exposes an upload endpoint /users add.php that allows attackers to upload files to the /userpictures/...

10CVSS7.4AI score0.01154EPSS
Exploits0References7
CNVD
CNVD
added 2025/07/30 12:0 a.m.3 views

e-Diary Management System Session Hijacking Vulnerability

The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a session hijacking vulnerability that stems from improper session invalidation of the component /edms/change-password.php. No details of the vulnerability are available at this time...

7.5CVSS6.9AI score0.00429EPSS
Exploits0References1
OSV
OSV
added 2025/07/28 6:15 p.m.3 views

CVE-2025-50492

Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary Management System v1 allows attackers to execute a session hijacking attack...

7.5CVSS5.8AI score0.00429EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 4:18 p.m.7 views

CVE-2020-13887

documentsadd.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder...

8.8CVSS7.2AI score0.02445EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:18 p.m.8 views

CVE-2020-13888

Kordil EDMS through 2.2.60rc3 allows stored XSS in usersedit.php, usersmanagementedit.php, and usermanagement.php...

5.4CVSS5.9AI score0.00521EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/03/20 9:27 p.m.13 views

buildbot-badges (>=1.7.0 <=1.8.2), cico (>=0.1.0 <=0.1.8) +18 more potentially affected by CVE-2023-27586 via cairosvg (>=0.5.0 <=2.6.0)

cairosvg PYPI version =0.5.0, =1.7.0, =0.1.0, =1.0.0b1, =0.0.2, =0.1.0, =0.1.0, =2.11.0, =4.3.0, =0.0.1, =9.0.5, =1.0.0, =0.1.0, =0.2.7 and more Source cves: CVE-2023-27586 Source advisory: OSV:GHSA-RWMF-W63J-P7GV...

9.9CVSS7.1AI score0.00722EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/02/08 3:15 p.m.6 views

Unpatched Security Flaws Disclosed in Multiple Document Management Systems

Multiple unpatched security flaws have been disclosed in open source and freemium Document Management System DMS offerings from four vendors LogicalDOC, Mayan, ONLYOFFICE, and OpenKM. Cybersecurity firm Rapid7 said the eight vulnerabilities offer a mechanism through which "an attacker can convinc...

5.4CVSS6.3AI score0.00582EPSS
Exploits8
OSV
OSV
added 2023/02/08 12:30 a.m.6 views

GHSA-5M6V-2XGF-QHRW Mayan EDMS DMS XSS vulnerability

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

5.4CVSS5.2AI score0.00582EPSS
Exploits2References5
Github Security Blog
Github Security Blog
added 2023/02/08 12:30 a.m.10 views

Mayan EDMS DMS XSS vulnerability

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

5.4CVSS6AI score0.00536EPSS
Exploits2References5Affected Software1
NVD
NVD
added 2023/02/07 10:15 p.m.18 views

CVE-2022-47419

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

5.4CVSS5.3AI score0.00536EPSS
Exploits2References2
Prion
Prion
added 2023/02/07 10:15 p.m.14 views

Cross site scripting

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

4.9CVSS5.3AI score0.00582EPSS
Exploits2References2Affected Software1
PyPA
PyPA
added 2023/02/07 10:15 p.m.7 views

PYSEC-2023-276

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

5.4CVSS6.4AI score0.00582EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2023/02/07 10:15 p.m.13 views

PYSEC-2023-276

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

5.4CVSS5.2AI score0.00582EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2023/02/07 9:47 p.m.7 views

CVE-2022-47419 Mayan EDMS Tag XSS

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

6.2AI score0.00582EPSS
Exploits2References2
Cvelist
Cvelist
added 2023/02/07 9:47 p.m.19 views

CVE-2022-47419 Mayan EDMS Tag XSS

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

5.4AI score0.00582EPSS
Exploits2References2
CVE
CVE
added 2023/02/07 9:47 p.m.46 views

CVE-2022-47419

CVE-2022-47419 affects Mayan EDMS DMS with a reflected XSS in the in-product tagging system. The CVSS 3.1 base score is 5.4 (MEDIUM) with network attack vector, low attack complexity, require low privileges and user interaction. Exploitation observed per GHSA-5M6V-2XGF-QHRW and OSV details; no au...

5.4CVSS5.2AI score0.00582EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2023/02/07 9:47 p.m.16 views

CVE-2022-47419 Mayan EDMS Tag XSS

An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...

5.4CVSS6.3AI score0.00582EPSS
Exploits2References4
CNNVD
CNNVD
added 2023/02/07 12:0 a.m.4 views

Mayan EDMS 跨站脚本漏洞

Mayan EDMS is a free web-based document management system from Mayan EDMS, Inc. It is used to manage documents within an organization. A security vulnerability exists in Mayan EDMS. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

5.4CVSS5.6AI score0.00536EPSS
Exploits2References3
Rows per page
Query Builder