Vulnerabilities > Logicaldoc > Logicaldoc > 8.1.1

DATE CVE VULNERABILITY TITLE RISK
2020-04-08 CVE-2020-10366 Path Traversal vulnerability in Logicaldoc
LogicalDoc before 8.3.3 allows /servlet.gupld Directory Traversal, a different vulnerability than CVE-2020-9423 and CVE-2020-10365.
network
low complexity
logicaldoc CWE-22
7.5
7.5
2020-03-18 CVE-2020-9423 Unrestricted Upload of File with Dangerous Type vulnerability in Logicaldoc
LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database.
network
low complexity
logicaldoc CWE-434
critical
 9.8
9.8
2020-03-18 CVE-2020-10365 SQL Injection vulnerability in Logicaldoc
LogicalDoc before 8.3.3 allows SQL Injection.
network
low complexity
logicaldoc CWE-89
6.5
6.5
2019-05-30 CVE-2019-9723 Path Traversal vulnerability in Logicaldoc 8.0/8.1/8.1.1
LogicalDOC Community Edition 8.x before 8.2.1 has a path traversal vulnerability that allows reading arbitrary files and the creation of directories, in the class PluginRegistry.
network
low complexity
logicaldoc CWE-22
7.1
7.1