Vulnerabilities > Opendocman

DATE	CVE	VULNERABILITY TITLE	RISK
2022-03-18	CVE-2021-45834	Unrestricted Upload of File with Dangerous Type vulnerability in Opendocman 1.4.4 An attacker can upload or transfer files of dangerous types to the OpenDocMan 1.4.4 portal via add.php using MIME-bypass, which may be automatically processed within the product's environment or lead to arbitrary code execution. network low complexity opendocman CWE-434 critical	9.8
2018-04-10	CVE-2014-1946	Permissions, Privileges, and Access Controls vulnerability in Opendocman OpenDocMan 1.2.7 and earlier does not properly validate allowed actions, which allows remote authenticated users to bypass an intended access restrictions and assign administrative privileges to themselves via a crafted request to signup.php. network low complexity opendocman CWE-264	8.8

Vulnerabilities > Opendocman {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Opendocman"}]}