CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

46 matches found

RedhatCVE•added 2025/05/01 8:16 p.m.•6 views

CVE-2025-0520

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7...

9.4CVSS7.8AI score0.0203EPSS

Exploits0References1

Github Security Blog•added 2025/04/29 9:31 p.m.•8 views

ShowDoc unrestricted file upload vulnerability

9.4CVSS8AI score0.0203EPSS

Exploits0References6Affected Software1

Snyk•added 2025/04/29 9:31 p.m.•2 views

Arbitrary File Upload

Overview showdoc/showdoc is a tool for an IT team to share documents online. Affected versions of this package are vulnerable to Arbitrary File Upload due to the uploadImg method in the PageController class, which improperly validates file extensions. An attacker can execute arbitrary code by...

9.9CVSS7.8AI score0.0203EPSS

Exploits0References2

OSV•added 2025/04/29 9:31 p.m.•3 views

GHSA-6JMR-R7P6-F5WR ShowDoc unrestricted file upload vulnerability

9.4CVSS7.9AI score0.0203EPSS

Exploits0References6

NVD•added 2025/04/29 8:15 p.m.•15 views

CVE-2025-0520

9.4CVSS0.0203EPSS

Exploits0References4

CVE•added 2025/04/29 7:35 p.m.•73 views

CVE-2025-0520

CVE-2025-0520 describes an unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extensions, allowing execution of arbitrary PHP and remote code execution on affected installations. The issue affects ShowDoc versions before 2.8.7. Multiple connected sources corro...

9.4CVSS7.4AI score0.0203EPSS

In wildExploits0References4

Vulnrichment•added 2025/04/29 7:35 p.m.•9 views

CVE-2025-0520 ShowDoc < 2.8.7 Unauthenticated File Upload Remote Code Execution

9.4CVSS7.3AI score0.0203EPSS

Exploits0References4

Cvelist•added 2025/04/29 7:35 p.m.•23 views

CVE-2025-0520 ShowDoc < 2.8.7 Unauthenticated File Upload Remote Code Execution

9.4CVSS0.0203EPSS

Exploits0References4

Positive Technologies•added 2025/04/29 12:0 a.m.•2 views

PT-2025-18203

Name of the Vulnerable Software and Affected Versions ShowDoc versions prior to 2.8.7 Description An unrestricted file upload issue caused by improper validation of file extensions allows unauthenticated attackers to upload arbitrary PHP files, such as web shells, leading to remote code execution...

9.4CVSS6.5AI score0.0203EPSS

Exploits0References83

CNNVD•added 2022/03/15 12:0 a.m.•1 views

showdoc 跨站脚本漏洞

showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability that stems from the lack of effective detection of .webmv file extensions in the application's file upload feature. An attacker could exploit this...

8CVSS5.8AI score0.00384EPSS

Exploits1References4

Veracode•added 2022/02/21 9:10 a.m.•29 views

Arbitrary File Upload

showdoc/showdoc is vulnerable to arbitrary file upload attacks. The vulnerability exists through AttachmentController.class.php where the attachmentUpload function does not properly validate the upload files, allowing an attacker to upload a malicious crafted file and remotely execute arbitrary...

7.8CVSS4.7AI score0.00209EPSS

Exploits1References3Affected Software1

OSV•added 2022/01/06 10:22 p.m.•16 views

GHSA-5MJ6-3CMQ-FH34 showdoc is vulnerable to Generation of Error Message Containing Sensitive Information

showdoc is vulnerable to Generation of Error Message Containing Sensitive Information...

5.3CVSS5.1AI score0.00194EPSS

Exploits1References4

CNNVD•added 2022/01/03 12:0 a.m.•1 views

showdoc 安全漏洞

ShowDoc is an open source tool ideal for IT teams to share documents online. showDoc has a security vulnerability that stems from the fact that showdoc is prone to generating error messages containing sensitive information. An attacker could exploit this vulnerability to obtain sensitive...

5.3CVSS5.6AI score0.00194EPSS

Exploits1References3

CNVD•added 2021/12/07 12:0 a.m.•6 views

ShowDoc Input Validation Error Vulnerability (CNVD-2021-95596)

ShowDoc is open source a great tool for IT teams to share documents online. ShowDoc suffers from an input validation error vulnerability that stems from showdoc's susceptibility to URL redirection to untrusted sites. No detailed vulnerability details are provided at this time...

6.5CVSS6.6AI score0.00196EPSS

Exploits1References1

NVD•added 2021/12/03 11:15 a.m.•8 views

CVE-2021-4000

showdoc is vulnerable to URL Redirection to Untrusted Site...

6.5CVSS0.00196EPSS

Exploits1References2

OSV•added 2021/12/03 11:15 a.m.•8 views

CVE-2021-4000

showdoc is vulnerable to URL Redirection to Untrusted Site...

6.1CVSS6.7AI score

Exploits0References2

OSV•added 2021/12/01 11:15 a.m.•9 views

CVE-2021-3993

showdoc is vulnerable to Cross-Site Request Forgery CSRF...

6.5CVSS6.9AI score

Exploits0References2

NVD•added 2021/12/01 11:15 a.m.•11 views

CVE-2021-4017

showdoc is vulnerable to Cross-Site Request Forgery CSRF...

8.8CVSS0.00142EPSS

Exploits1References2

Prion•added 2021/12/01 11:15 a.m.•13 views

Cross site request forgery (csrf)

showdoc is vulnerable to Cross-Site Request Forgery CSRF...

6.8CVSS8.8AI score0.00142EPSS

Exploits1References2Affected Software1

CNNVD•added 2021/12/01 12:0 a.m.•1 views

showdoc 跨站请求伪造漏洞

showdoc is an open source tool ideal for IT teams to share documents online. showDoc has a security vulnerability that can be exploited by attackers to perform request forgery CSRF attacks...

6.5CVSS5.6AI score0.00117EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by