4 matches found
CVE-2008-6220
CVE-2008-6220 affects Simple Document Management System (SDMS) versions 1.1.5 and 1.1.4 (and possibly earlier). The vulnerability is a SQL injection in login.php that allows remote attackers to execute arbitrary SQL commands via the pass parameter. Root cause: unsanitized user input fed into a SQ...
CVE-2010-4986
The CVE-2010-4986 entry concerns the Simple Document Management System (SDMS). The affected component is the PHP page detail.php, where the doc_id parameter is vulnerable to SQL injection. Root cause: improper handling of user-supplied doc_id leading to arbitrary SQL execution. Documented impact ...
CVE-2008-6236
CVE-2008-6236 is a SQL injection in the login.php of Simple Document Management System (SDMS) versions 1.1.5 and 1.1.4 (and possibly earlier). The vulnerability allows remote attackers to inject arbitrary SQL commands via the login parameter, enabling potential data compromise. The entry notes pr...
CVE-2005-3877
CVE-2005-3877 affects the Simple Document Management System (SDMS) 2.0-CVS and earlier. The vulnerabilities are SQL injection flaws in two parameters: (1) folder_id in list.php and (2) mid in a view action to messages.php, allowing remote attackers to execute arbitrary SQL commands. The NVD entry...