Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
document server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-5830
A vulnerability classified as critical has been found in ColumbiaSoft Document Locator. This affects an unknown part of the file /api/authentication/login of the component WebTools. The manipulation of the argument Server leads to improper authentication. It is possible to initia...
Documentlocator Document Locator 21
Documentlocator Document Locator 7.2
Documentlocator Document Locator
4
CVSSv2
CVE-2007-3256
Xythos Enterprise Document Manager (XEDM), Digital Locker (XDL), and possibly WebFile Server prior to 6.0.46.1 allow remote authenticated users to associate arbitrary Content-Type HTTP headers with documents, which might facilitate malware distribution.
Xythos Digital Locker
Xythos Enterprise Document Manager
Xythos Webfile Server
3.5
CVSSv2
CVE-2007-3254
Multiple cross-site scripting (XSS) vulnerabilities in Xythos Enterprise Document Manager (XEDM) prior to 5.0.25.8, and 6.x prior to 6.0.46.1, allow remote authenticated users to inject arbitrary web script or HTML via (1) a saved Workflow name; (2) a Workflow name, related to de...
Xythos Enterprise Document Manager 5.0
Xythos Enterprise Document Manager 6.0
6.5
CVSSv2
CVE-2007-3255
Multiple cross-site request forgery (CSRF) vulnerabilities in Xythos Enterprise Document Manager (XEDM) prior to 5.0.25.8, and 6.x prior to 6.0.46.1, allow remote authenticated users to execute commands as arbitrary users via (1) a saved Workflow name or (2) the Content-Type HTTP...
Xythos Enterprise Document Manager
NA
CVE-2023-37290
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the available tags within its HTML to PDF conversion function, and allowing an unauthenticated malicious users to load remote or local resources through HTML tags such as iframe. This vulner...
Infodoc Document On-line Submission And Approval System 22567
Infodoc Document On-line Submission And Approval System 22547
NA
CVE-2023-49108
Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges.
Sei-info Rakrak Document Plus
6.5
CVSSv2
CVE-2021-24347
The SP Project & Document Manager WordPress plugin prior to 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It exists that php files...
Smartypantsplugins Sp Project \\& Document Manager
5
CVSSv2
CVE-2001-0748
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote malicious users to read arbitrary files by prepending several / (slash) characters to the URI.
Acme Labs Acme Server 1.7
1 EDB exploit
7.5
CVSSv2
CVE-2005-0063
The document processing application used by the Windows Shell in Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote malicious users to execute arbitrary code by modifying the CLSID stored in a file so that it is processed by HTML Application Host (MSHTA), a...
Microsoft Windows 2003 Server Standard
Microsoft Windows 2003 Server Web
Microsoft Windows Xp
Microsoft Windows 2000
Microsoft Windows 98
Microsoft Windows 98se
Microsoft Windows Me
Microsoft Windows 2003 Server Enterprise
Microsoft Windows 2003 Server R2
1 EDB exploit
9.3
CVSSv2
CVE-2015-0064
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote malicious users to execute arbitrary code or cause a denial of service (memory corru...
Microsoft Web Applications 2010
Microsoft Office Compatibility Pack
Microsoft Word Automation Services -
Microsoft Word 2010
Microsoft Word 2007
Microsoft Word Viewer
Microsoft Office 2010
Microsoft Sharepoint Server 2010
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »