Lucene search
K

4 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/05 8:45 p.m.2 views

CVE-2019-25684

OpenDocMan 1.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'where' parameter. Attackers can send GET requests to search.php with malicious SQL payloads in the 'where' parameter to extract sensitiv...

8.8CVSS6AI score0.00327EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/04/05 8:45 p.m.12 views

CVE-2019-25684

OpenDocMan 1.3.4 is vulnerable to an SQL injection via the where parameter in the search.php endpoint. The issue arises from unsafely constructed SQL queries that allow unauthenticated attackers to manipulate database queries and potentially extract sensitive information. Documented impact includ...

8.8CVSS6AI score0.00327EPSS
Exploits1References3Affected Software1
exploitpack
exploitpack
added 2016/02/04 12:0 a.m.22 views

OpenDocMan 1.3.4 - Cross-Site Request Forgery

OpenDocMan 1.3.4 - Cross-Site Request Forgery Security Advisory - Curesec Research Team 1. Introduction Affected Product: Opendocman 1.3.4 Fixed in: 1.3.5 Fixed Version Link: http://www.opendocman.com/free-download/ Vendor Website: http://www.opendocman.com/ Vulnerability Type: CSRF Remote...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2016/02/03 12:0 a.m.42 views

Opendocman 1.3.4 HTML Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Opendocman 1.3.4 Fixed in: 1.3.5 Fixed Version Link: http://www.opendocman.com/free-download/ Vendor Website: http://www.opendocman.com/ Vulnerability Type: HTML Injection Remote Exploitable: Yes Reported to vendor:...

7.4AI score
Exploits0
Rows per page
Query Builder