← Back

Kordil Edms

kordil_edms

Vendor: Kordil Edms Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-13887
1Kordil Edms Project
1Kordil Edms
Jun 17, 2026
Jun 22, 2020
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder.
CVE-2020-13888
1Kordil Edms Project
1Kordil Edms
Jun 17, 2026
Jun 22, 2020
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Kordil EDMS through 2.2.60rc3 allows stored XSS in users_edit.php, users_management_edit.php, and user_management.php.