Showdoc : Security Vulnerabilities, CVEs, CVSS score >= 8
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
9.1
EPSS Score
0.10%
Published
2022-03-22
Updated
2022-03-28
Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
9.0
EPSS Score
0.05%
Published
2022-03-15
Updated
2022-03-22
Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
8.0
EPSS Score
0.05%
Published
2022-03-15
Updated
2022-03-22
Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
9.0
EPSS Score
0.05%
Published
2022-03-14
Updated
2022-03-22
Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
9.0
EPSS Score
0.05%
Published
2022-03-14
Updated
2022-03-21
File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
8.2
EPSS Score
0.07%
Published
2022-03-15
Updated
2022-03-21
Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4.
Max CVSS
9.0
EPSS Score
0.05%
Published
2022-03-14
Updated
2022-03-18
Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.
Max CVSS
9.0
EPSS Score
0.05%
Published
2022-03-15
Updated
2022-03-21
Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4.
Max CVSS
9.4
EPSS Score
0.05%
Published
2022-03-15
Updated
2022-03-22
SQL Injection in Packagist showdoc/showdoc prior to 2.10.3.
Max CVSS
9.8
EPSS Score
0.17%
Published
2022-01-26
Updated
2022-02-02
ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.
Max CVSS
9.8
EPSS Score
0.28%
Published
2021-10-22
Updated
2021-10-27
Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php'.
Max CVSS
9.8
EPSS Score
0.62%
Published
2021-09-08
Updated
2021-09-15
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
Max CVSS
8.8
EPSS Score
0.13%
Published
2021-12-26
Updated
2022-01-06
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
Max CVSS
8.8
EPSS Score
0.13%
Published
2021-12-01
Updated
2021-12-02
14 vulnerabilities found