Search Results | AttackerKB

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2021-39421

Disclosure Date: July 24, 2023 (last updated October 08, 2023)

A cross-site scripting (XSS) vulnerability in SeedDMS v6.0.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

Attacker Value

Unknown

CVE-2021-39425

Disclosure Date: July 20, 2023 (last updated October 08, 2023)

SeedDMS v6.0.15 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2021-33223

Disclosure Date: June 07, 2023 (last updated October 08, 2023)

An issue discovered in SeedDMS 6.0.15 allows an attacker to escalate privileges via the userid and role parameters in the out.UsrMgr.php file.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Unknown

CVE-2021-45408

Disclosure Date: February 04, 2022 (last updated February 23, 2025)

Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote malicious users to redirect users to malicious sites using the "referuri" parameter.

Attack Vector: Network Privileges: None User Interaction: Required

4 Total Results

Displaying 1-4 of 4

Unknown

CVE-2021-39421

Unknown

CVE-2021-39425

Unknown

CVE-2021-33223

Unknown

CVE-2021-45408

Quick Cookie Notification