cbcvebase.

Cafuego Simple Document Management System vulnerabilities

4 known vulnerabilities affecting cafuego/simple_document_management_system.

Total CVEs
4
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
HIGH4

Vulnerabilities

Page 1 of 1
CVE-2010-4986P3HIGHCVSS 7.5PoCv1.1.4v1.1.5+1 more2011-11-01
CVE-2010-4986 [HIGH] CWE-89 CVE-2010-4986: SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter.
nvd
CVE-2008-6220P3HIGHCVSS 7.5PoCv1.1.4v1.1.52009-02-20
CVE-2008-6220 [HIGH] CWE-89 CVE-2008-6220: SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4 SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the pass parameter.
nvd
CVE-2008-6236P3HIGHCVSS 7.5PoCv1.1.4v1.1.52009-02-21
CVE-2008-6236 [HIGH] CWE-89 CVE-2008-6236: SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4 SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
nvd
CVE-2005-3877P3HIGHCVSS 7.5PoC≤ 2.0-cvsv1.1.4+2 more2005-11-29
CVE-2005-3877 [HIGH] CWE-89 CVE-2005-3877: Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earli Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earlier allow remote attackers to execute arbitrary SQL commands via the (1) folder_id parameter in list.php and (2) mid parameter in a view action to messages.php.
nvd
Cafuego Simple Document Management System vulnerabilities | cvebase