← Back

Infodoc

infodoc

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Document On Line Submission And Approval System
document_on-line_submission_and_approval_system
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-37290
1Infodoc
1Document On Line Submission And Approval System
Nov 21, 2024
Jul 20, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the available tags within its HTML to PDF conversion function, and allowing an unauthenticated attackers to load remote or local r...Show more
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the available tags within its HTML to PDF conversion function, and allowing an unauthenticated attackers to load remote or local resources through HTML tags such as iframe. This vulnerability allows unauthenticated remote attackers to perform Server-Side Request Forgery (SSRF) attacks, gaining unauthorized access to arbitrary system files and uncovering the internal network topology. Show less
CVE-2023-37289
1Infodoc
1Document On Line Submission And Approval System
Nov 21, 2024
Jul 20, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attac...Show more
It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service. This issue affects Document On-line Submission and Approval System: 22547, 22567.Show less