cb
cvebase
.
~
/
products
/
kordil
/
edms
Search CVEs, products, detections…
⌘K
pipeline live
Digest
Docs
Home
/
Products
/
kordil
/
Kordil Edms
Kordil Edms vulnerabilities
1 known vulnerability affecting
kordil/edms
.
Track
Version
All versions
Total CVEs
1
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL
1
Vulnerabilities
Sort
Most important
Highest Priority
Highest EPSS
Highest CVSS
Newest
Oldest
Page 1 of 1
CVE-2013-10066
P2
CRITICAL
CVSS 10.0
PoC
v2.2.60rc3
2025-08-05
CVE-2013-10066 [CRITICAL] CWE-434 CVE-2013-10066: An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The applica An unauthenticated arbitrary file upload vulnerability exists in Kordil EDMS v2.2.60rc3. The application exposes an upload endpoint (users_add.php) that allows attackers to upload files to the /userpictures/ directory without authentication. This flaw enables remote code execution by uploading a PHP payload and invoking it via a direct HTTP reques
nvd
Kordil Edms vulnerabilities | cvebase