460 matches found
showdoc .properties file upload vulnerability (CNVD-2022-20508)
showdoc is an open source tool for IT teams to share documents online. showdoc versions prior to v2.10.4 are vulnerable to file uploads, which stem from the lack of effective detection of .properties file extensions in the application's file upload feature. An attacker could use this vulnerabilit...
Stored Cross-site Scripting in ShowDoc
ShowDoc prior to version 2.10.4 is vulnerable to stored cross-site scripting viva axd and cshtml file upload...
GHSA-VPWQ-6CP4-FFQC Stored Cross-site Scripting in ShowDoc
ShowDoc prior to version 2.10.4 is vulnerable to stored cross-site scripting viva axd and cshtml file upload...
GHSA-J6JG-W79C-7P8V File Upload Restriction Bypass leading to Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to a file upload restriction bypass leading to stored cross-site scripting...
Cross-site Scripting in ShowDoc
The upload feature of ShowDoc prior to version 2.10.4 allows files with the extension .html, which leads to stored cross-site scripting...
File Upload Restriction Bypass leading to Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to a file upload restriction bypass leading to stored cross-site scripting...
Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via file upload...
GHSA-V94V-PXQP-5QGJ Cross-site Scripting in ShowDoc
The upload feature of ShowDoc prior to version 2.10.4 allows files with the extension .html, which leads to stored cross-site scripting...
GHSA-Q73M-3Q7R-FPF7 Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via file upload...
GHSA-9FCC-7G44-MXRJ Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via uploading files with files in .xsd, .asa, and .aspx formats...
Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via uploading files with files in .xsd, .asa, and .aspx formats...
Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via file upload...
GHSA-WG8P-W946-C482 Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via file upload...
GHSA-XM3X-787M-P66R Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via .webmv file upload...
Stored Cross-site Scripting in showdoc
ShowDoc is a tool for an IT team to share documents online. showdoc contains a stored cross-site scripting vulnerability in the File Library page when uploading a file in .ofd format in versions prior to 2.10.4. At this time, there is no known workaround. Users should update to version 2.10.4...
Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via .ofd file upload...
Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via .webmv file upload...
GHSA-V8MP-HHJQ-H4CJ Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via .ofd file upload...
GHSA-3PG8-C473-W6RR Stored Cross-site Scripting in showdoc
ShowDoc is a tool for an IT team to share documents online. showdoc contains a stored cross-site scripting vulnerability in the File Library page when uploading a file in .ofd format in versions prior to 2.10.4. At this time, there is no known workaround. Users should update to version 2.10.4...
Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via file upload...