CVE-2018-12939

MEDIUM

SeedDMS < 5.1.8 - Authenticated Path Traversal and Arbitrary File Write via qquuid Parameter

Title source: llm
STIX 2.1

Description

A directory traversal flaw in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows an authenticated attacker to write to (or potentially delete) arbitrary files via a .. (dot dot) in the "op/op.UploadChunks.php" "qquuid" parameter. NOTE: this can be leveraged to execute arbitrary code by using CVE-2018-12940.

References (2)

Core 2
Core References
Patch, Third Party Advisory x_refsource_misc
https://www.contextis.com/resources/advisories/cve-2018-12939
Patch, Release Notes, Third Party Advisory x_refsource_confirm
https://sourceforge.net/p/seeddms/code/ci/seeddms-5.1.x/tree/CHANGELOG

Scores

CVSS v3 6.5
EPSS 0.0197
EPSS Percentile 78.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-22
Status published
Products (1)
seeddms/seeddms < 5.1.8
Published Jul 31, 2018
Tracked Since Feb 18, 2026