Lucene search
K

458 matches found

Cvelist
Cvelist
added 2025/04/29 7:35 p.m.31 views

CVE-2025-0520 ShowDoc < 2.8.7 Unauthenticated File Upload Remote Code Execution

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7...

9.4CVSS0.00976EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/04/29 12:0 a.m.4 views

ShowDoc 代码问题漏洞

ShowDoc is a great tool for IT teams to share documents online by star7th individual developers. A code issue vulnerability exists in ShowDoc versions prior to 2.8.7 that stems from improper validation of file extensions and could lead to remote code execution...

9.4CVSS7.5AI score0.00976EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/29 12:0 a.m.10 views

PT-2025-18203

Name of the Vulnerable Software and Affected Versions ShowDoc versions prior to 2.8.7 Description An unrestricted file upload issue caused by improper validation of file extensions allows unauthenticated attackers to upload arbitrary PHP files, such as web shells, leading to remote code execution...

9.4CVSS6.5AI score0.00976EPSS
Exploits0References83
RedhatCVE
RedhatCVE
added 2025/02/06 4:22 a.m.7 views

CVE-2021-4017

showdoc is vulnerable to Cross-Site Request Forgery CSRF...

8.8CVSS6.7AI score0.00596EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/02/05 10:58 p.m.5 views

CVE-2022-1034

There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4...

9.1CVSS6.6AI score0.01458EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:28 p.m.10 views

CVE-2022-0957

Stored XSS via File Upload in GitHub repository star7th/showdoc prior to 2.10.4...

7.6CVSS5.5AI score0.00754EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 7:19 p.m.6 views

CVE-2022-0945

Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4...

9CVSS5.8AI score0.00797EPSS
Exploits1References1
0day.today
0day.today
added 2022/05/17 12:0 a.m.262 views

Showdoc 2.10.3 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...

6.9CVSS5.6AI score0.03274EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/17 12:0 a.m.190 views

Showdoc 2.10.3 Cross Site Scripting

Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...

6.9CVSS5.6AI score0.03274EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/05/17 12:0 a.m.208 views

Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)

Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...

6.9CVSS5.5AI score0.03274EPSS
Exploits4
OSV
OSV
added 2022/05/14 2:19 a.m.8 views

GHSA-2263-JWGM-WV97 Showdoc XSS Vulnerability

ShowDoc v1.8.0 has XSS via a new page...

5.4CVSS5.1AI score0.00607EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2022/05/14 2:19 a.m.18 views

Showdoc XSS Vulnerability

ShowDoc v1.8.0 has XSS via a new page...

5.4CVSS6.3AI score0.00607EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/05/14 1:45 a.m.13 views

GHSA-6XX7-CPHV-PXGR Showdoc Forced Browsing

ShowDoc 2.4.1 allows remote attackers to obtain sensitive information by navigating with a modified pageid, as demonstrated by reading note content, or discovering a username in the JSON data at a diff URL...

6.5CVSS6.2AI score0.01197EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2022/05/14 1:45 a.m.16 views

Showdoc Forced Browsing

ShowDoc 2.4.1 allows remote attackers to obtain sensitive information by navigating with a modified pageid, as demonstrated by reading note content, or discovering a username in the JSON data at a diff URL...

6.5CVSS6.5AI score0.01197EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/05/14 1:45 a.m.15 views

GHSA-3P87-GQW8-4PF2 Showdoc CSRF Vulnerability

server/index.php?s=/api/teamMember/save in ShowDoc 2.4.2 has a CSRF that can add members to a team...

6.5CVSS6.3AI score0.00447EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2022/05/14 1:45 a.m.16 views

Showdoc CSRF Vulnerability

server/index.php?s=/api/teamMember/save in ShowDoc 2.4.2 has a CSRF that can add members to a team...

6.5CVSS6.8AI score0.00447EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/05/13 1:50 a.m.11 views

GHSA-PFRC-5HHQ-6HVR Showdoc Unauthenticated Access

ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...

4.3CVSS4.5AI score0.0126EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2022/05/13 1:50 a.m.19 views

Showdoc Unauthenticated Access

ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified pageid...

4.3CVSS6.9AI score0.0126EPSS
Exploits1References6Affected Software1
Veracode
Veracode
added 2022/03/23 5:0 a.m.19 views

Unrestricted File Upload

showdoc/showdoc allows unrestricted file uploads. An attacker is able to login to the admin panel and obtains server privileges via the unrestricted file upload vulnerability in AdminUpdateController.class.php...

7.2CVSS5.5AI score0.01458EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/03/23 12:0 a.m.17 views

GHSA-XP82-JMW8-MJXP Unrestricted Upload of File with Dangerous Type in ShowDoc

There is a Unrestricted Upload of File vulnerability in ShowDoc prior to version 2.10.4...

7.2CVSS6.8AI score0.01458EPSS
Exploits1References4
Rows per page
Query Builder