Lucene search

K

Letodms Security Vulnerabilities

cve
cve

CVE-2012-4385

letodms 3.3.6 has CSRF via change...

6.5CVSS

6.6AI Score

0.003EPSS

2019-11-13 05:15 PM
18
cve
cve

CVE-2012-4384

letodms has multiple XSS issues: Reflected XSS in Login Page, Stored XSS in Document Owner/User name, Stored XSS in...

6.1CVSS

5.9AI Score

0.001EPSS

2019-11-13 04:15 PM
27
cve
cve

CVE-2012-4567

Multiple cross-site scripting (XSS) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) inc/inc.ClassUI.php or (2)...

6.1CVSS

6AI Score

0.001EPSS

2017-10-23 06:29 PM
23
cve
cve

CVE-2012-4570

SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in LetoDMS (formerly MyDMS) before 3.3.8 allows remote attackers to execute arbitrary SQL commands via unspecified...

9.8CVSS

9.8AI Score

0.002EPSS

2017-10-23 06:29 PM
16
cve
cve

CVE-2012-4568

Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to hijack the authentication of unspecified victims via unknown...

8.8CVSS

8.9AI Score

0.002EPSS

2017-10-23 06:29 PM
17
cve
cve

CVE-2012-4569

Multiple cross-site scripting (XSS) vulnerabilities in out/out.UsrMgr.php in LetoDMS (formerly MyDMS) before 3.3.9 allow remote attackers to inject arbitrary web script or HTML via unspecified...

6.1CVSS

5.9AI Score

0.001EPSS

2017-10-23 06:29 PM
18
cve
cve

CVE-2010-2006

Directory traversal vulnerability in op/op.Login.php in LetoDMS (formerly MyDMS) 1.7.2 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the lang...

6.8AI Score

0.023EPSS

2010-05-20 09:30 PM
25
cve
cve

CVE-2010-2007

Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) 1.7.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that use (1) op/op.EditUserData.php, (2) op/op.UsrMgr.php, (3) out/out.RemoveVersion.php, (4)...

7.4AI Score

0.005EPSS

2010-05-20 09:30 PM
19