16 matches found
EUVD-2021-8134
Malicious code in bioql PyPI...
EUVD-2021-8135
Malicious code in bioql PyPI...
CVE-2021-20720
SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors...
CVE-2021-20721
KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed...
The vulnerability of the KonaWiki2 content management system’s web application lies in its ability to allow unlimited loading of dangerous types of files, enabling attackers to download and execute arbitrary files.
The vulnerability of the KonaWiki2 content management system’s web application is related to the unlimited loading of dangerous files. Exploiting this vulnerability allows a malicious actor to download and execute arbitrary files remotely...
CVE-2021-20721
KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed...
CVE-2021-20720
SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors...
CVE-2021-20721
KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed...
CVE-2021-20720
SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors...
Sql injection
SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors...
Design/Logic Flaw
KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed...
CVE-2021-20721
KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed...
CVE-2021-20721
KonaWiki2 prior to 2.2.4 is affected by CVE-2021-20721: an unrestricted file upload vulnerability allows a remote attacker to upload arbitrary files; if PHP scripts are uploaded, arbitrary code execution may occur. Root cause: insufficient validation during file uploads. Impact: remote code execu...
CVE-2021-20720
SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors...
CVE-2021-20720
KonaWiki2 is affected by CVE-2021-20720: SQL injection in versions prior to 2.2.4 that allows remote attackers to execute arbitrary SQL commands and obtain/alter data in the application database via unspecified vectors. The vulnerability stems from insufficient input cleansing in KonaWiki2 prior ...
JVN#34232719: Multiple vulnerabilities in KonaWiki2
KonaWiki2 provided by kujirahand contains multiple vulnerabilites listed below. SQL Injection CWE-89 - CVE-2021-20720 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L| Base Score: 7.3 CVSS v2| AV:N/AC:L/Au:N/C:P/I:P/A:P| Base Score: 7.5 Unrestricted upload...