SeedDMS prior to 5.1.11 allows Remote Command Execution (RCE) because of unvalidated file upload of PHP scripts, a different vulnerability than CVE-2018-12940.
seeddms seeddms
Remote Command Execution through Unvalidated File Upload in SeedDMS versions <5.1.11
CVE-2019-12744 Information Exploit Title: Remote Command Execution through Unvalidated File Upload in SeedDMS versions < 5111 CVE: CVE-2019-12744 Vendor Homepage: wwwseeddmsorg/indexphp?id=2 Exploit Author: NobodyAtall Tested version: Seeddms 5110, 5011 Tested OS: Windows 7 x64 Medium Article bryanleong98mediumcom/cve-2019-12744-remote-com