showdoc is an open source tool ideal for IT teams to share documents online. showdoc versions prior to 2.10.3 are vulnerable to SQL injection, which stems from a lack of validation of external input SQL statements in showdoc’s uid parameter. An attacker could exploit this vulnerability to execute illegal SQL commands.
CPE | Name | Operator | Version |
---|---|---|---|
showdoc showdoc | lt | 2.10.3 |