Filtered by vendor Xythos
Subscriptions
Filtered by product Enterprise Document Manager
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2007-3256 | 1 Xythos | 3 Digital Locker, Enterprise Document Manager, Webfile Server | 2024-11-21 | N/A |
Xythos Enterprise Document Manager (XEDM), Digital Locker (XDL), and possibly WebFile Server before 6.0.46.1 allow remote authenticated users to associate arbitrary Content-Type HTTP headers with documents, which might facilitate malware distribution. | ||||
CVE-2007-3255 | 1 Xythos | 1 Enterprise Document Manager | 2024-11-21 | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in Xythos Enterprise Document Manager (XEDM) before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to execute commands as arbitrary users via (1) a saved Workflow name or (2) the Content-Type HTTP header. NOTE: item 2 also affects the same version numbers of Xythos Digital Locker (XDL). One or both vectors might also affect Xythos WebFile Server. | ||||
CVE-2007-3254 | 1 Xythos | 1 Enterprise Document Manager | 2024-11-21 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Xythos Enterprise Document Manager (XEDM) before 5.0.25.8, and 6.x before 6.0.46.1, allow remote authenticated users to inject arbitrary web script or HTML via (1) a saved Workflow name; (2) a Workflow name, related to deletion of a Workflow template; (3) the Content-Type HTTP header; or (4) the name of an uploaded file. NOTE: items 3 and 4 also affect the same version numbers of Xythos Digital Locker (XDL). Some or all vectors might also affect Xythos WebFile Server. |
Page 1 of 1.