Vulnerability Description
A directory traversal flaw in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows an authenticated attacker to write to (or potentially delete) arbitrary files via a .. (dot dot) in the "op/op.UploadChunks.php" "qquuid" parameter. NOTE: this can be leveraged to execute arbitrary code by using CVE-2018-12940.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Seeddms | Seeddms | < 5.1.8 |
Related Weaknesses (CWE)
References
- https://sourceforge.net/p/seeddms/code/ci/seeddms-5.1.x/tree/CHANGELOGPatchRelease NotesThird Party Advisory
- https://www.contextis.com/resources/advisories/cve-2018-12939PatchThird Party Advisory
- https://sourceforge.net/p/seeddms/code/ci/seeddms-5.1.x/tree/CHANGELOGPatchRelease NotesThird Party Advisory
- https://www.contextis.com/resources/advisories/cve-2018-12939PatchThird Party Advisory
FAQ
What is CVE-2018-12939?
CVE-2018-12939 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A directory traversal flaw in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows an authenticated attacker to write to (or potentially delete) arbitrary files via a .. (dot dot) in the "op/op.Up...
How severe is CVE-2018-12939?
CVE-2018-12939 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-12939?
Check the references section above for vendor advisories and patch information. Affected products include: Seeddms Seeddms.