Vulnerabilities > Openkm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-09-09 | CVE-2012-2315 | Permissions, Privileges, and Access Controls vulnerability in Openkm 5.1.7/5.1.8 admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not properly enforce privileges for changing user roles, which allows remote authenticated users to assign administrator privileges to arbitrary users via the userEdit action. | 4.0 |
| 2008-05-14 | CVE-2008-2226 | Permissions, Privileges, and Access Controls vulnerability in Openkm 1.0/1.1 Unspecified vulnerability in the export feature in OpenKM before 2.0 allows remote attackers to export arbitrary documents via unspecified vectors. | 5.0 |