Showdoc : Security Vulnerabilities, CVEs, CVSS score >= 8

CVE-2022-1034

There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
9.1
EPSS Score
0.10%
Published
2022-03-22
Updated
2022-03-28

CVE-2022-0965

Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
9.0
EPSS Score
0.05%
Published
2022-03-15
Updated
2022-03-22

CVE-2022-0964

Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
8.0
EPSS Score
0.05%
Published
2022-03-15
Updated
2022-03-22

CVE-2022-0962

Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
9.0
EPSS Score
0.05%
Published
2022-03-14
Updated
2022-03-22

CVE-2022-0960

Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
9.0
EPSS Score
0.05%
Published
2022-03-14
Updated
2022-03-21

CVE-2022-0951

File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
8.2
EPSS Score
0.07%
Published
2022-03-15
Updated
2022-03-21

CVE-2022-0946

Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4.
Max CVSS
9.0
EPSS Score
0.05%
Published
2022-03-14
Updated
2022-03-18

CVE-2022-0945

Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.
Max CVSS
9.0
EPSS Score
0.05%
Published
2022-03-15
Updated
2022-03-21

CVE-2022-0942

Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
9.4
EPSS Score
0.05%
Published
2022-03-15
Updated
2022-03-22

CVE-2022-0362

SQL Injection in Packagist showdoc/showdoc prior to 2.10.3.
Max CVSS
9.8
EPSS Score
0.17%
Published
2022-01-26
Updated
2022-02-02

CVE-2021-41745

ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.
Max CVSS
9.8
EPSS Score
0.28%
Published
2021-10-22
Updated
2021-10-27

CVE-2021-36440

Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php'.
Max CVSS
9.8
EPSS Score
0.62%
Published
2021-09-08
Updated
2021-09-15

CVE-2021-4168

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
Max CVSS
8.8
EPSS Score
0.13%
Published
2021-12-26
Updated
2022-01-06

CVE-2021-4017

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
Max CVSS
8.8
EPSS Score
0.13%
Published
2021-12-01
Updated
2021-12-02
14 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close