CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dokmee: >> Enterprise Content Management >> 7.4.6 Security Vulnerabilities

CVE-2023-47261

Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync /#/gettingstarted request contains a connection string for privileged SQL Server database access, and xp_cmdshell can be enabled.

CVSS Score

9.8

EPSS Score

0.032

Published

2023-12-14

Page 1

Vulnerabilities

Vulnerable Software

Dokmee: >> Enterprise Content Management >> 7.4.6 Security Vulnerabilities

Products

Pricing

Contact Us