SeedDMS version 5.1.22 (and some adjacent versions) contained an authenticated Remote Code Execution (RCE) vulnerability, primarily stemming from insecure file upload functionality. An attacker with valid document management system credentials could upload a malicious PHP file disguised as a regular document and then trigger its execution to take over the server.
GMT+8, 2025-12-14 16:48 , Processed in 0.014626 second(s), 6 queries , Gzip On, MemCache On.
Powered by Discuz! X3.4
© 2001-2023 Discuz! Team.
