Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
seeddms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-12944
Persistent Cross-Site Scripting (XSS) vulnerability in the "Categories" feature in SeedDMS (formerly LetoDMS and MyDMS) prior to 5.1.8 allows remote malicious users to inject arbitrary web script or HTML via the name field.
Seeddms Seeddms
4.3
CVSSv2
CVE-2019-12932
A stored XSS vulnerability was found in SeedDMS 5.1.11 due to poorly escaping the search result in the autocomplete search form placed in the header of out/out.Viewfolder.php.
Seeddms Seeddms 5.1.11
NA
CVE-2021-39421
A cross-site scripting (XSS) vulnerability in SeedDMS v6.0.15 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Seeddms Seeddms 6.0.15
5.8
CVSSv2
CVE-2021-45408
Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote malicious users to redirect users to malicious sites using the "referuri" parameter.
Seeddms Seeddms 6.0.15
4.3
CVSSv2
CVE-2019-12801
out/out.GroupMgr.php in SeedDMS 5.1.11 has Stored XSS by making a new group with a JavaScript payload as the "GROUP" Name.
Seeddms Seeddms 5.1.11
1 EDB exploit
4.3
CVSSv2
CVE-2020-28727
Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php.
Seeddms Seeddms 6.0.13
NA
CVE-2021-39425
SeedDMS v6.0.15 exists to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.
Seeddms Seeddms 6.0.15
5.8
CVSSv2
CVE-2020-28726
Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter to out/out.AddDocument.php.
Seeddms Seeddms 6.0.13
NA
CVE-2021-33223
An issue discovered in SeedDMS 6.0.15 allows an malicious user to escalate privileges via the userid and role parameters in the out.UsrMgr.php file.
Seeddms Seeddms 6.0.15
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3