Vulnerabilities > Kordil Edms Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-22 | CVE-2020-13887 | Unrestricted Upload of File with Dangerous Type vulnerability in Kordil Edms Project Kordil Edms 2.2.60 documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder. | 6.5 |
| 2020-06-22 | CVE-2020-13888 | Cross-site Scripting vulnerability in Kordil Edms Project Kordil Edms 2.2.60 Kordil EDMS through 2.2.60rc3 allows stored XSS in users_edit.php, users_management_edit.php, and user_management.php. | 3.5 |