Vulnerabilities > Opendocman > Opendocman > 1.2.7.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-09-07 | CVE-2015-5625 | Cross-site Scripting vulnerability in Opendocman Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter. | 4.3 |
2014-07-10 | CVE-2014-4853 | Cross-Site Scripting vulnerability in Opendocman Cross-site scripting (XSS) vulnerability in odm-init.php in OpenDocMan before 1.2.7.3 allows remote authenticated users to inject arbitrary web script or HTML via the file name of an uploaded file. | 4.3 |
2014-03-09 | CVE-2014-2317 | SQL Injection vulnerability in Opendocman SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the table parameter. | 6.8 |
2014-03-09 | CVE-2014-1945 | SQL Injection vulnerability in Opendocman SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL commands via the add_value parameter. | 7.5 |