Mydms : Security Vulnerabilities, CVEs,
Directory traversal vulnerability in MyDMS 1.4.2 and other versions allows remote registered users to read arbitrary files via .. (dot dot) sequences in the URL.
Max CVSS
5.0
EPSS Score
0.26%
Published
2004-08-20
Updated
2017-07-11
SQL injection vulnerability in out.ViewFolder.php in MyDMS before 1.4.2 allows remote attackers to execute arbitrary SQL commands via the folderid parameter.
Max CVSS
7.5
EPSS Score
0.24%
Published
2004-08-20
Updated
2017-07-11
2 vulnerabilities found