CVE-2021-33950

An issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function...

EUVD-2012-2309

Malware in sbrugna...

EUVD-2008-2223

Malware in sbrugna...

EUVD-2014-8784

Malware in sbrugna...

EUVD-2022-43301

Malicious code in bioql PyPI...

CVE-2012-2316

Cross-site request forgery CSRF vulnerability in servlet/admin/AuthServlet.java in OpenKM 5.1.7 and other versions before 5.1.8-2 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary code via the script parameter to admin/scripting.jsp...

CVE-2021-33950

An issue discovered in OpenKM v6.3.10 allows attackers to obtain sensitive information via the XMLTextExtractor function...

CVE-2022-3969 OpenKM FileUtils.java getFileExtension temp file

A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this...

OpenKM Cross-Site Scripting Vulnerability (CNVD-2017-30870)

OpenKM is a document management system from OpenKM Spain. The system provides features such as version control, document history and file sharing. A cross-site scripting vulnerability exists in versions of OpenKM prior to 6.4.19. A remote attacker can exploit this vulnerability to inject arbitrar...