Aggregates CVE and security vulnerability intelligence across all cafuego-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection, with potential vendor impact data exposure across vendor surface production workloads and vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2010-4986 | SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter. | [email protected] | 7.5 | 0.93% | 2011-11-01 | 2026-06-16 |
| CVE-2008-6236 | SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the login parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | [email protected] | 7.5 | 0.97% | 2009-02-21 | 2026-06-16 |
| CVE-2008-6220 | SQL injection vulnerability in login.php in Simple Document Management System (SDMS) 1.1.5 and 1.1.4, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the pass parameter. | [email protected] | 7.5 | 1.15% | 2009-02-20 | 2026-06-16 |
| CVE-2005-3877 | Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earlier allow remote attackers to execute arbitrary SQL commands via the (1) folder_id parameter in list.php and (2) mid parameter in a view action to messages.php. | [email protected] | 7.5 | 1.22% | 2005-11-29 | 2026-06-16 |