Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2022-28478

SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The "Remove file" functionality inside the "Log files management" menu does not sanitize user input allowing attackers with admin privileges to delete arbitrary files on the remote system.

  • Published: Jun 6, 2022
  • Updated: Nov 16, 2025
  • CVE: CVE-2022-28478
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CVSS v2:

  • Severity: Medium
  • Score: 5.5
  • AV:N/AC:L/Au:S/C:N/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
seeddms / seeddms 5.1.24 5.1.24.x
seeddms / seeddms 6.0.17 6.0.17.x