Skip to main content

Kordil Edms

2 CVEs product

Monthly

CVE-2020-13887 HIGH This Week

documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Kordil Edms
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2020-13888 MEDIUM This Month

Kordil EDMS through 2.2.60rc3 allows stored XSS in users_edit.php, users_management_edit.php, and user_management.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Kordil Edms
NVD
CVSS 3.1
5.4
EPSS
0.5%
EPSS 2% CVSS 8.8
HIGH This Week

documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Kordil Edms
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Kordil EDMS through 2.2.60rc3 allows stored XSS in users_edit.php, users_management_edit.php, and user_management.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Kordil Edms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy