Filtered by vendor Documentcloud Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-2807 1 Documentcloud 1 Navis Documentcloud 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.
CVE-2013-1933 2 Documentcloud, Ruby-lang 2 Karteek-docsplit, Ruby 2024-11-21 N/A
The extract_from_ocr function in lib/docsplit/text_extractor.rb in the Karteek Docsplit (karteek-docsplit) gem 0.5.4 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a PDF filename.