Infodoc Document On-Line Submission And Approval System vulnerabilities
2 known vulnerabilities affecting infodoc/document_on-line_submission_and_approval_system.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2023-37289P2CRITICALCVSS 9.8v22547v225672023-07-20
CVE-2023-37289 [CRITICAL] CWE-434 CVE-2023-37289: It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uplo
It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run arbitrary executable files to perform arbitrary system
nvd
CVE-2023-37290P3HIGHCVSS 7.5v22547v225672023-07-20
CVE-2023-37290 [HIGH] CWE-918 CVE-2023-37290: InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the availa
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the available tags within its HTML to PDF conversion function, and allowing an unauthenticated attackers to load remote or local resources through HTML tags such as iframe. This vulnerability allows unauthenticated remote attackers to perform Server-Side Request Fo
nvd