Known Vulnerabilities for products from Opendocman
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Opendocman".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-45834 json | An attacker can upload or transfer files of dangerous types to the OpenDocMan 1.4.4 portal via add.php using MIME-bypass, whi... | 9.8 - CRITICAL | 2022-03-18 | 2022-03-25 |
| CVE-2019-25684 json | OpenDocMan 1.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries... | Not Provided | 2026-04-05 | 2026-04-09 |
| CVE-2015-5625 json | Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 allows remote attackers to inject arbitrary web script or... | 4.3 - MEDIUM | 2015-09-07 | 2016-12-22 |
| CVE-2014-4853 json | Cross-site scripting (XSS) vulnerability in odm-init.php in OpenDocMan before 1.2.7.3 allows remote authenticated users to in... | 4.3 - MEDIUM | 2014-07-10 | 2014-07-11 |
| CVE-2014-2317 json | SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL com... | 6.8 - MEDIUM | 2014-03-09 | 2014-03-10 |
| CVE-2014-1946 json | OpenDocMan 1.2.7 and earlier does not properly validate allowed actions, which allows remote authenticated users to bypass an... | 8.8 - HIGH | 2018-04-10 | 2019-04-26 |
| CVE-2014-1945 json | SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers to execute arbitrary SQL com... | 7.5 - HIGH | 2014-03-09 | 2014-03-10 |
| CVE-2011-3764 json | OpenDocMan 1.2.6-svn-2011-01-21 allows remote attackers to obtain sensitive information via a direct request to a .php file, ... | 5 - MEDIUM | 2011-09-24 | 2017-08-29 |
| CVE-2009-3801 json | SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via th... | Not Provided | 2009-10-27 | 2026-04-23 |
| CVE-2009-3789 json | Multiple cross-site scripting (XSS) vulnerabilities in OpenDocMan 1.2.5 allow remote attackers to inject arbitrary web script... | Not Provided | 2009-10-26 | 2026-04-23 |
| CVE-2009-3788 json | SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via th... | Not Provided | 2009-10-26 | 2026-04-23 |
| CVE-2008-2788 json | Cross-site scripting (XSS) vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to inject arbitrary web scr... | Not Provided | 2008-06-20 | 2026-04-23 |
| CVE-2008-2787 json | Cross-site scripting (XSS) vulnerability in out.php in OpenDocMan 1.2.5 allows remote attackers to inject arbitrary web scrip... | Not Provided | 2008-06-20 | 2026-04-23 |
| CVE-2006-5655 json | SQL injection vulnerability in index.php in OpenDocMan 1.2p3 allows remote attackers to execute arbitrary SQL commands via th... | Not Provided | 2006-11-03 | 2026-04-23 |
Known software with vulnerabilities from Opendocman
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Opendocman | Opendocman | 1.2.6 |