458 matches found
Unrestricted Upload of File with Dangerous Type in ShowDoc
There is a Unrestricted Upload of File vulnerability in ShowDoc prior to version 2.10.4...
Cross-site Scripting (XSS)
showdoc/showdoc is vulnerable to stored cross-site scripting. The vulnerability exists due to lack of xss validations for uploaded OFD files before they get stored which allows an attacker to inject and execute arbitrary javascript...
CVE-2022-1034
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4...
CVE-2022-1034
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4...
Unrestricted file upload
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4...
CVE-2022-1034 There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in star7th/showdoc
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4...
CVE-2022-1034
CVE-2022-1034 affects ShowDoc
CVE-2022-1034 There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in star7th/showdoc
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4...
showdoc 代码问题漏洞
showdoc is open source a great tool for IT teams to share documents online. A security vulnerability exists in showdoc v2.10.3, there is no information about the vulnerability at the moment, please stay tuned to CNNVD or the vendor's announcement...
Cross-site Scripting (XSS)
showdoc/showdoc is vulnerable to cross-site scripting. An attacker can inject and execute malicious javascript through the .properties files...
showdoc Cross-Site Scripting Vulnerability (CNVD-2022-21807)
showdoc is open source and a great tool for IT teams to share documents online. showdoc versions prior to 2.10.4 have a security vulnerability that stems from the application allowing the upload of .ofd files, which leads to a cross-site scripting vulnerability. No detailed vulnerability details...
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3
Description There is a Unrestricted Upload of File vulnerability in AdminUpdateController.class.php in ShowDoc v2.10.3 Proof of Concept POST /showdoc-2.10.3/server/index.php?s=/api/adminUpdate/download HTTP/1.1 Host: 10.211.55.5 Content-Length: 66 Accept: application/json, text/plain, / User-Agen...
Using vulnerable dependencies in package.json
Description 1. Hello team, The Showdoc is using a axios 0.17.1 dependency that is vulnerable to:👇 1. CVE-2021-3749 Regular Expression Denial of Service ReDoS 2. CVE-2020-28168 Server-Side Request Forgery SSRF 3. CVE-2019-10742 Denial of Service DoS Path to the file:...
showdoc .cshtml file upload vulnerability
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 are vulnerable to file uploads, which stem from the lack of effective detection of .cshtml and .axd file extensions in the application's file upload functionality. An attacker could exploit th...
showdoc .ofd file upload vulnerability
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 are vulnerable to file uploads, which stem from the lack of effective detection of .ofd file extensions in the application's file upload feature. An attacker could use this vulnerability to...
showdoc .md file upload vulnerability
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 are vulnerable to file uploads, which stem from the lack of effective detection of .md file extensions in the application's file upload feature. An attacker could use this vulnerability to...
showdoc .webmv file upload vulnerability
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability that stems from the lack of effective detection of .webmv file extensions in the application's file upload feature. An attacker could exploit this...
showdoc .aspx file upload vulnerability (CNVD-2022-20513)
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability that stems from the lack of effective detection of .aspx file extensions in the application's file upload functionality. An attacker could use this...
showdoc .m3u8a file upload vulnerability
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability that stems from the lack of effective detection of .m3u8a file extensions in the application's file upload feature. An attacker could exploit this...
showdoc .properties file upload vulnerability (CNVD-2022-20508)
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 are vulnerable to file uploads, which stem from the lack of effective detection of .properties file extensions in the application's file upload feature. An attacker could use this vulnerabilit...