logicaldoc

Top products

The 15 most recently published vulnerabilities affecting logicaldoc.

• CVE-2019-25258LogicalDOC Enterprise 7.7.4 Multiple Post-Authentication Directory Traversal Vulnerabilities7.5Dec 24, 2025
• CVE-2025-12547LogicalDOC Community Edition Admin Login login.jsp excessive authentication3.7Oct 31, 2025
• CVE-2025-12546LogicalDOC Community Edition API Key creation UI cross site scripting3.5Oct 31, 2025
• CVE-2025-11946LogicalDOC Community Edition Add Contact frontend.jsp cross site scripting3.5Oct 19, 2025
• CVE-2024-12020Reflected Cross-Site Scripting (XSS)6.1Mar 14, 2025
• CVE-2024-54449Remote Code Execution (RCE) via Arbitrary File Write In Document API8.8Mar 14, 2025
• CVE-2024-54448Remote Code Execution (RCE) via Automation Scripting7.2Mar 14, 2025
• CVE-2022-47418LogicalDOC Document Version Comment Stored XSS5.4Feb 7, 2023
• CVE-2022-47417LogicalDOC Document File Name Stored XSS5.4Feb 7, 2023
• CVE-2022-47416LogicalDOC Chat Stored XSS5.4Feb 7, 2023
• CVE-2022-47415LogicalDOC Messaging Stored XSS5.4Feb 7, 2023
• CVE-2020-13542A local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation. Depending on the vector chosen, an attacker can either replace the service binary o...7.8Dec 3, 2020
• CVE-2020-10366LogicalDoc before 8.3.3 allows /servlet.gupld Directory Traversal, a different vulnerability than CVE-2020-9423 and CVE-2020-10365.7.5Apr 7, 2020
• CVE-2020-10365LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the list of available documents by querying the database. This list could be filtered by modifying some of the parameters. Some of...6.5Mar 18, 2020
• CVE-2020-9423LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents....9.8Mar 18, 2020