Docsys Project

Docsys

8 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-15494

Exploit
  • EPSS 0.01%
  • Veröffentlicht 09.01.2026 16:32:08
  • Zuletzt bearbeitet 22.01.2026 15:37:38

A vulnerability has been found in RainyGao DocSys up to 2.02.37. This affects an unknown function of the file com/DocSystem/mapping/UserMapper.xml. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely...

9.8

CVE-2025-15493

Exploit
  • EPSS 0.01%
  • Veröffentlicht 09.01.2026 16:32:06
  • Zuletzt bearbeitet 22.01.2026 15:42:18

A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to sql injection. It is possib...

8.8

CVE-2025-15492

Exploit
  • EPSS 0.01%
  • Veröffentlicht 09.01.2026 16:16:06
  • Zuletzt bearbeitet 22.01.2026 15:41:28

A vulnerability was detected in RainyGao DocSys up to 2.02.36. The affected element is an unknown function of the file src/com/DocSystem/mapping/GroupMemberMapper.xml. Performing a manipulation of the argument searchWord results in sql injection. It ...

9.1

CVE-2025-11631

Exploit
  • EPSS 0.16%
  • Veröffentlicht 12.10.2025 08:02:06
  • Zuletzt bearbeitet 30.10.2025 19:47:16

A vulnerability was determined in RainyGao DocSys up to 2.02.36. Affected by this vulnerability is an unknown functionality of the file /Doc/deleteDoc.do. Executing manipulation of the argument path can lead to path traversal. The attack can be launc...

9.8

CVE-2025-11630

Exploit
  • EPSS 0.17%
  • Veröffentlicht 12.10.2025 07:32:04
  • Zuletzt bearbeitet 30.10.2025 19:47:52

A vulnerability was found in RainyGao DocSys up to 2.02.36. Affected is the function updateRealDoc of the file /Doc/uploadDoc.do of the component File Upload. Performing manipulation of the argument path results in path traversal. The attack can be i...

9.8

CVE-2025-11629

Exploit
  • EPSS 0.05%
  • Veröffentlicht 12.10.2025 07:02:06
  • Zuletzt bearbeitet 31.10.2025 17:25:26

A vulnerability has been found in RainyGao DocSys up to 2.02.36. This impacts the function getUserList of the file /Manage/getUserList.do. Such manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been di...

7.5

CVE-2022-4511

Exploit
  • EPSS 0.38%
  • Veröffentlicht 15.12.2022 20:15:09
  • Zuletzt bearbeitet 21.11.2024 07:35:24

A vulnerability has been found in RainyGao DocSys and classified as critical. Affected by this vulnerability is an unknown functionality of the component com.DocSystem.controller.UserController#getUserImg. The manipulation leads to path traversal: '....

7.2

CVE-2022-4402

  • EPSS 0.76%
  • Veröffentlicht 11.12.2022 08:15:09
  • Zuletzt bearbeitet 21.11.2024 07:35:12

A vulnerability classified as critical has been found in RainyGao DocSys 2.02.37. This affects an unknown part of the component ZIP File Decompression Handler. The manipulation leads to path traversal: '../filedir'. It is possible to initiate the att...