CVE-2023-40980

File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file...

CVE-2025-63248

DWSurvey 6.14.0 is vulnerable to Incorrect Access Control. When deleting a questionnaire, replacing the questionnaire ID with the ID of another questionnaire can enable the deletion of other questionnaires...

CVE-2025-63248

DWSurvey 6.14.0 is vulnerable to Incorrect Access Control. When deleting a questionnaire, replacing the questionnaire ID with the ID of another questionnaire can enable the deletion of other questionnaires...

DWSurvey 安全漏洞

DWSurvey is a DWSurvey open source questionnaire system written in Java. A security vulnerability exists in DWSurvey version 6.14.0, which stems from improper access control and could lead to the deletion of additional questionnaires...

PT-2025-45123

Name of the Vulnerable Software and Affected Versions DWSurvey version 6.14.0 Description DWSurvey 6.14.0 has an issue with access control. Specifically, when deleting a questionnaire, manipulating the questionnaire ID to match another questionnaire’s ID allows for the deletion of unintended...

CVE-2025-63248

DWSurvey 6.14.0 is vulnerable to Incorrect Access Control. When deleting a questionnaire, replacing the questionnaire ID with the ID of another questionnaire can enable the deletion of other questionnaires...

EUVD-2025-37898

DWSurvey 6.14.0 is vulnerable to Incorrect Access Control. When deleting a questionnaire, replacing the questionnaire ID with the ID of another questionnaire can enable the deletion of other questionnaires...

CVE-2025-63248

DWSurvey 6.14.0 is affected by an Incorrect Access Control issue in the questionnaire deletion flow. Replacing the targeted questionnaire ID with another ID can enable deletion of additional questionnaires, revealing a path to unauthorized modification of data. Affected product: DWSurvey 6.14.0. ...

EUVD-2020-12860

Malware in sbrugna...

EUVD-2021-25743

Malware in sbrugna...

EUVD-2021-25744

Malware in sbrugna...

EUVD-2023-45519

Malicious code in bioql PyPI...

CVE-2021-39384

DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java...

CVE-2021-39383

DWSurvey v3.2.0 was discovered to contain a remote command execution RCE vulnerability via the component /sysuser/SysPropertyAction.java...

CVE-2020-20070

Cross Site Scripting vulnerability found in wkeyuan DWSurvey 1.0 allows a remote attacker to execute arbitrary code via thequltemld parameter of the qu-multi-fillblank!answers.action file...

CVE-2019-14747

DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-design!copySurvey.action surveyName parameter...

CVE-2019-15095

DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter...

CVE-2023-40980

File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file...

CVE-2023-40980

File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file...

CVE-2023-40980

File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file...