documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder.
8.8CVSS
8.8AI Score
0.004EPSS
Kordil EDMS through 2.2.60rc3 allows stored XSS in users_edit.php, users_management_edit.php, and user_management.php.
5.4CVSS
5.2AI Score
0.001EPSS