Description
SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploits (1)
References (4)
Core 4
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32114
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32502
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/46342
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48944
Scores
EPSS
0.0030
EPSS Percentile
53.4%
Details
CWE
CWE-89
Status
published
Products (2)
cafuego/simple_document_management_system
1.1.4
cafuego/simple_document_management_system
1.1.5
Published
Feb 21, 2009
Tracked Since
Feb 18, 2026