CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-44938
https://notcve.org/view.php?id=CVE-2022-44938
Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full account takeover via a brute force attack. La generación débil de tokens de reinicio en SeedDMS v6.0.20 y v5.1.7 permite a los atacantes ejecutar una apropiación completa de la cuenta mediante un ataque de fuerza bruta. • https://pwnit.io/2022/11/23/weak-password-reset-token-leads-to-account-takeover-in-seeddms •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1CVE-2022-28051
https://notcve.org/view.php?id=CVE-2022-28051
The "Add category" functionality inside the "Global Keywords" menu in "SeedDMS" version 6.0.18 and 5.1.25, is prone to stored XSS which allows an attacker to inject malicious javascript code. La funcionalidad "Add category" dentro del menú "Global Keywords" en "SeedDMS" versiones 6.0.18 y 5.1.25, es propensa a un ataque de tipo XSS almacenado que permite a un atacante inyectar código javascript malicioso • https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/blob/main/CVE-2022-28051/README.md https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28051 https://sourceforge.net/p/seeddms/code/ci/6fc17be5d95e8f00fbe5c124c4acd377fa2ce69d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2022-28478
https://notcve.org/view.php?id=CVE-2022-28478
SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The "Remove file" functionality inside the "Log files management" menu does not sanitize user input allowing attackers with admin privileges to delete arbitrary files on the remote system. SeedDMS versiones 6.0.17 y 5.1.24, son vulnerables a un Salto de Directorio. La funcionalidad "Remove file" dentro del menú "Log files management" no sanea la entrada del usuario, lo que permite a atacantes con privilegios de administrador eliminar archivos arbitrarios en el sistema remoto • https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478 https://sourceforge.net/p/seeddms/code/ci/d68c922152e8a8060dd7fc3ebdd7af685e270e36 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-28479
https://notcve.org/view.php?id=CVE-2022-28479
SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to stored XSS. An attacker with admin privileges can inject the payload inside the "Role management" menu and then trigger the payload by loading the "Users management" menu SeedDMS versiones 6.0.18 y 5.1.25 y anteriores, son vulnerables a un ataque de tipo XSS almacenado. Un atacante con privilegios de administrador puede inyectar la carga útil dentro del menú "Role management" y luego desencadenar la carga útil al cargar el menú "Users management" • https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28479 https://sourceforge.net/p/seeddms/code/ci/9e92524fdbd1e7c3e6771d669f140c62389ec375 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 1CVE-2021-36543
https://notcve.org/view.php?id=CVE-2021-36543
Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.UnlockDocument.php in SeedDMS v5.1.x <5.1.23 and v6.0.x <6.0.16 allows a remote attacker to unlock any document without victim's knowledge, by enticing an authenticated user to visit an attacker's web page. Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en el archivo /op/op.UnlockDocument.php en SeedDMS versiones v5.1.x anteriores a 5.1.23 y versiones v6.0.x anteriores a 6.0.16, permite a un atacante remoto desbloquear cualquier documento sin el conocimiento de la víctima, tentando a un usuario autenticado a visitar una página web del atacante • https://cyberdivision.medium.com/cve-2021-36543-9622f50c6dc • CWE-352: Cross-Site Request Forgery (CSRF) •