138 matches found
CVE-2013-10066 Kordil EDMS v2.2.60rc3 Unauthenticated Arbitrary File Upload
An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint usersadd.php that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP...
Kordil EDMS 安全漏洞
Kordil EDMS is an open source electronic document management system from the Turkish company Kordil. The system supports features such as document management and document control. A security vulnerability exists in Kordil EDMS version v2.2.60rc3, which stems from an unvalidated uploaded file type...
PT-2025-31990 · Unknown · Kordil Edms
Name of the Vulnerable Software and Affected Versions: Kordil EDMS version 2.2.60rc3 Description: An unauthenticated arbitrary file upload vulnerability exists in the application. The application exposes an upload endpoint /users add.php that allows attackers to upload files to the /userpictures/...
e-Diary Management System Session Hijacking Vulnerability
The e-Diary Management System is an electronic diary management system. The e-Diary Management System suffers from a session hijacking vulnerability that stems from improper session invalidation of the component /edms/change-password.php. No details of the vulnerability are available at this time...
CVE-2025-50492
Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary Management System v1 allows attackers to execute a session hijacking attack...
CVE-2020-13887
documentsadd.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder...
CVE-2020-13888
Kordil EDMS through 2.2.60rc3 allows stored XSS in usersedit.php, usersmanagementedit.php, and usermanagement.php...
buildbot-badges (>=1.7.0 <=1.8.2), cico (>=0.1.0 <=0.1.8) +18 more potentially affected by CVE-2023-27586 via cairosvg (>=0.5.0 <=2.6.0)
cairosvg PYPI version =0.5.0, =1.7.0, =0.1.0, =1.0.0b1, =0.0.2, =0.1.0, =0.1.0, =2.11.0, =4.3.0, =0.0.1, =9.0.5, =1.0.0, =0.1.0, =0.2.7 and more Source cves: CVE-2023-27586 Source advisory: OSV:GHSA-RWMF-W63J-P7GV...
Unpatched Security Flaws Disclosed in Multiple Document Management Systems
Multiple unpatched security flaws have been disclosed in open source and freemium Document Management System DMS offerings from four vendors LogicalDOC, Mayan, ONLYOFFICE, and OpenKM. Cybersecurity firm Rapid7 said the eight vulnerabilities offer a mechanism through which "an attacker can convinc...
GHSA-5M6V-2XGF-QHRW Mayan EDMS DMS XSS vulnerability
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...
Mayan EDMS DMS XSS vulnerability
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...
CVE-2022-47419
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...
Cross site scripting
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...
PYSEC-2023-276
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...
PYSEC-2023-276
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...
CVE-2022-47419 Mayan EDMS Tag XSS
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...
CVE-2022-47419 Mayan EDMS Tag XSS
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...
CVE-2022-47419
CVE-2022-47419 affects Mayan EDMS DMS with a reflected XSS in the in-product tagging system. The CVSS 3.1 base score is 5.4 (MEDIUM) with network attack vector, low attack complexity, require low privileges and user interaction. Exploitation observed per GHSA-5M6V-2XGF-QHRW and OSV details; no au...
CVE-2022-47419 Mayan EDMS Tag XSS
An XSS vulnerability was discovered in the Mayan EDMS DMS. Successful XSS exploitation was observed in the in-product tagging system...
Mayan EDMS 跨站脚本漏洞
Mayan EDMS is a free web-based document management system from Mayan EDMS, Inc. It is used to manage documents within an organization. A security vulnerability exists in Mayan EDMS. An attacker could exploit this vulnerability to perform cross-site scripting attacks...