Vulnerabilities > Openkm

DATE CVE VULNERABILITY TITLE RISK
2012-09-09 CVE-2012-2315 Permissions, Privileges, and Access Controls vulnerability in Openkm 5.1.7/5.1.8
admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not properly enforce privileges for changing user roles, which allows remote authenticated users to assign administrator privileges to arbitrary users via the userEdit action.
network
low complexity
openkm CWE-264
4.0
2008-05-14 CVE-2008-2226 Permissions, Privileges, and Access Controls vulnerability in Openkm 1.0/1.1
Unspecified vulnerability in the export feature in OpenKM before 2.0 allows remote attackers to export arbitrary documents via unspecified vectors.
network
low complexity
openkm CWE-264
5.0