RSS   Vulnerabilities for 'Kordil edms'   RSS

2020-06-22
 
CVE-2020-13887

CWE-434
 

 
documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder.

 
 
CVE-2020-13888

CWE-79
 

 
Kordil EDMS through 2.2.60rc3 allows stored XSS in users_edit.php, users_management_edit.php, and user_management.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top