44 matches found
CVE-2024-53930
WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\, which is mishandled by a KaTeX parser...
CVE-2022-23376
WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages...
CVE-2024-53930
WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\, which is mishandled by a KaTeX parser...
PT-2024-35978 · Katex +1 · Katex +1
Name of the Vulnerable Software and Affected Versions: WikiDocs versions prior to 1.0.65 Description: The issue concerns a stored XSS vulnerability that can be exploited by authenticated users. It occurs due to the mishandling of data by a KaTeX parser, specifically when the data comes after $$...
CVE-2024-53930
WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\, which is mishandled by a KaTeX parser...
CVE-2024-53930
CVE-2024-53930 affects WikiDocs prior to 1.0.65. A stored XSS vulnerability exists where authenticated users can inject payloads via data after $$, mishandled by the KaTeX parser. The issue, described across multiple sources, is caused by KaTeX parsing behavior and leads to stored XSS, with impac...
WikiDocs 安全漏洞
WikiDocs is a database-free Markdown flat file Wiki engine by the individual developer Manuel Zavatta in Italy. A security vulnerability exists in WikiDocs version 1.0.65, which stems from mishandling of the KaTeX parser, which can lead to stored cross-site scripting attacks...
CVE-2024-53930
WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\, which is mishandled by a KaTeX parser...
CVE-2024-53930
WikiDocs before 1.0.65 allows stored XSS by authenticated users via data that comes after $$\, which is mishandled by a KaTeX parser...
WikiDocs Arbitrary File Upload (CVE-2022-23375)
An arbitrary file upload vulnerability exists in WikiDocs. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WikiDocs has unspecified vulnerabilities
WikiDocs is a database-free Markdown flat file Wiki engine from the personal developer Manuel Zavatta in Italy. WikiDocs suffers from a security vulnerability that stems from the fact that an attacker can exploit the vulnerability to upload malicious files via index.php using the image upload for...
CVE-2022-23376
WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages...
CVE-2022-23376
WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages...
CVE-2022-23376
WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages...
CVE-2022-23375
WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php...
CVE-2022-23375
WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php...
Remote code execution
WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php...
Cross site scripting
WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages...
CVE-2022-23375
WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php...
CVE-2022-23375
WikiDocs version 0.1.18 contains an authenticated remote code execution vulnerability. An attacker can upload a malicious file via the image upload form through index.php, enabling remote code execution. Multiple connected sources corroborate the issue, including Red Hat and other advisories. The...