Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by owndms
CVE-2019-25580 (GCVE-0-2019-25580)
Vulnerability from cvelistv5 – Published: 2026-03-21 15:30 – Updated: 2026-03-23 16:34
VLAI
Title
ownDMS 4.7 SQL Injection via pdfstream.php imagestream.php
Summary
ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the IMG parameter. Attackers can send GET requests to pdfstream.php, imagestream.php, or anyfilestream.php with crafted SQL payloads in the IMG parameter to extract sensitive database information including version and database names.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/46168 | exploit |
| http://www.owndms.com/ | product |
| https://datapacket.dl.sourceforge.net/project/own… | product |
| https://www.vulncheck.com/advisories/owndms-sql-i… | third-party-advisory |
Date Public
2019-01-15 00:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25580",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T16:34:32.206628Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T16:34:46.408Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "ownDMS",
"vendor": "Owndms",
"versions": [
{
"status": "affected",
"version": "4.7"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ihsan Sencan"
}
],
"datePublic": "2019-01-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the IMG parameter. Attackers can send GET requests to pdfstream.php, imagestream.php, or anyfilestream.php with crafted SQL payloads in the IMG parameter to extract sensitive database information including version and database names."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-22T00:15:25.054Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-46168",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/46168"
},
{
"name": "Official Product Homepage",
"tags": [
"product"
],
"url": "http://www.owndms.com/"
},
{
"name": "Product Reference",
"tags": [
"product"
],
"url": "https://datapacket.dl.sourceforge.net/project/owndms/owndms_47.zip"
},
{
"name": "VulnCheck Advisory: ownDMS 4.7 SQL Injection via pdfstream.php imagestream.php",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/owndms-sql-injection-via-pdfstream-php-imagestream-php"
}
],
"title": "ownDMS 4.7 SQL Injection via pdfstream.php imagestream.php",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2019-25580",
"datePublished": "2026-03-21T15:30:38.596Z",
"dateReserved": "2026-03-21T15:28:57.128Z",
"dateUpdated": "2026-03-23T16:34:46.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2018-18527 (GCVE-0-2018-18527)
Vulnerability from cvelistv5 – Published: 2018-10-19 19:00 – Updated: 2024-08-05 11:15
VLAI
Summary
OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/45637/ | exploitx_refsource_EXPLOIT-DB |
Date Public
2018-10-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:15:58.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "45637",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45637/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "45637",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45637/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18527",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "45637",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45637/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-18527",
"datePublished": "2018-10-19T19:00:00.000Z",
"dateReserved": "2018-10-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T11:15:58.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}