Vulnerabilities > Seeddms > Seeddms > 5.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-31 | CVE-2018-12941 | Improper Input Validation vulnerability in Seeddms This vulnerability allows remote attackers to execute arbitrary code in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 by adding a system command at the end of the "cacheDir" path and following usage of the "Clear Cache" functionality. | 9.0 |
2018-07-31 | CVE-2018-12940 | Unrestricted Upload of File with Dangerous Type vulnerability in Seeddms Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension specified by the "qqfile" parameter. | 6.5 |
2018-07-31 | CVE-2018-12939 | Path Traversal vulnerability in Seeddms A directory traversal flaw in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows an authenticated attacker to write to (or potentially delete) arbitrary files via a .. | 5.5 |