Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seeddms seeddms vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-45408
Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote malicious users to redirect users to malicious sites using the "referuri" parameter.
Seeddms Seeddms 6.0.15
6.1
CVSSv3
CVE-2020-23048
SeedDMS Content Management System v6.0.7 contains a persistent cross-site scripting (XSS) vulnerability in the component AddEvent.php via the name and comment parameters.
Seeddms Seeddms 4.3.37
Seeddms Seeddms 5.0.13
Seeddms Seeddms 5.1.14
Seeddms Seeddms 5.1.16
Seeddms Seeddms 5.1.18
Seeddms Seeddms 6.0.7
6.1
CVSSv3
CVE-2020-28727
Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php.
Seeddms Seeddms 6.0.13
6.1
CVSSv3
CVE-2020-28726
Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter to out/out.AddDocument.php.
Seeddms Seeddms 6.0.13
6.1
CVSSv3
CVE-2019-12932
A stored XSS vulnerability was found in SeedDMS 5.1.11 due to poorly escaping the search result in the autocomplete search form placed in the header of out/out.Viewfolder.php.
Seeddms Seeddms 5.1.11
6.1
CVSSv3
CVE-2019-12801
out/out.GroupMgr.php in SeedDMS 5.1.11 has Stored XSS by making a new group with a JavaScript payload as the "GROUP" Name.
Seeddms Seeddms 5.1.11
1 EDB exploit
6.1
CVSSv3
CVE-2018-12943
Cross-Site Scripting (XSS) vulnerability in every page that includes the "action" URL parameter in SeedDMS (formerly LetoDMS and MyDMS) prior to 5.1.8 allows remote malicious users to inject arbitrary web script or HTML via the action parameter.
Seeddms Seeddms
6.1
CVSSv3
CVE-2018-12944
Persistent Cross-Site Scripting (XSS) vulnerability in the "Categories" feature in SeedDMS (formerly LetoDMS and MyDMS) prior to 5.1.8 allows remote malicious users to inject arbitrary web script or HTML via the name field.
Seeddms Seeddms
5.4
CVSSv3
CVE-2022-28051
The "Add category" functionality inside the "Global Keywords" menu in "SeedDMS" version 6.0.18 and 5.1.25, is prone to stored XSS which allows an malicious user to inject malicious javascript code.
Seeddms Seeddms 5.1.25
Seeddms Seeddms 6.0.18
1 Github repository
5.4
CVSSv3
CVE-2019-12745
out/out.UsrMgr.php in SeedDMS prior to 5.1.11 allows Stored Cross-Site Scripting (XSS) via the name field.
Seeddms Seeddms
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »