Showdoc Security Vulnerabilities and Issues — Showdoc CVE List

Lucene search

ShowdocShowdoc

41 matches found

CVE•added 2022/02/19 5:15 a.m.•123 views

CVE-2022-0409

Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2.

7.8CVSS7AI score0.00198EPSS

CVE•added 2022/03/12 4:15 a.m.•110 views

CVE-2022-0880

Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2.

7.6CVSS5.4AI score0.00211EPSS

CVE•added 2022/03/14 3:15 a.m.•106 views

CVE-2022-0937

Stored xss in showdoc through file upload in GitHub repository star7th/showdoc prior to 2.10.4.

6.3CVSS5.5AI score0.00172EPSS

CVE•added 2022/03/14 1:15 p.m.•102 views

CVE-2022-0941

Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4.

7.3CVSS5.5AI score0.00186EPSS

CVE•added 2022/03/15 9:15 a.m.•102 views

CVE-2022-0950

Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4.

6.5CVSS5.6AI score0.00267EPSS

CVE•added 2022/03/15 4:15 a.m.•100 views

CVE-2022-0945

Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.

9CVSS5.7AI score0.00332EPSS

CVE•added 2022/03/15 4:15 p.m.•97 views

CVE-2022-0966

Stored XSS via File Upload in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.4.10.

6.4CVSS5.3AI score0.00211EPSS

CVE•added 2022/03/15 4:15 p.m.•96 views

CVE-2022-0967

Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.10.4.

6.9CVSS5.3AI score0.00831EPSS

CVE•added 2021/08/04 2:15 p.m.•95 views

CVE-2021-3678

showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

7.5CVSS6AI score0.00391EPSS

CVE•added 2022/03/15 1:15 p.m.•94 views

CVE-2022-0957

Stored XSS via File Upload in GitHub repository star7th/showdoc prior to 2.10.4.

7.6CVSS5.5AI score0.0029EPSS

CVE•added 2022/03/22 8:15 a.m.•94 views

CVE-2022-1034

There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4.

9.1CVSS7.1AI score0.00446EPSS

CVE•added 2022/03/15 1:15 p.m.•93 views

CVE-2022-0956

Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4.

7.1CVSS5.4AI score0.0032EPSS

CVE•added 2022/03/15 4:15 p.m.•93 views

CVE-2022-0964

Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4.

8CVSS5.6AI score0.00364EPSS

CVE•added 2022/03/14 8:15 a.m.•90 views

CVE-2022-0938

Stored XSS via file upload in GitHub repository star7th/showdoc prior to v2.10.4.

7.1CVSS5.5AI score0.00196EPSS

CVE•added 2022/03/14 11:15 a.m.•90 views

CVE-2022-0940

Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4.

6.3CVSS5.3AI score0.00181EPSS

CVE•added 2022/03/14 2:15 p.m.•88 views

CVE-2022-0946

Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4.

9CVSS5.7AI score0.00306EPSS

CVE•added 2022/03/14 4:15 p.m.•88 views

CVE-2022-0962

Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.

9CVSS5.7AI score0.00364EPSS

CVE•added 2022/03/15 9:15 a.m.•87 views

CVE-2022-0951

File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4.

8.2CVSS6.3AI score0.00325EPSS

CVE•added 2022/03/15 2:15 p.m.•86 views

CVE-2022-0942

Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4.

9.4CVSS5.6AI score0.00326EPSS

CVE•added 2022/03/14 3:15 p.m.•84 views

CVE-2022-0960

Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.

9CVSS5.6AI score0.00368EPSS

CVE•added 2021/08/04 1:15 p.m.•82 views

CVE-2021-3680

showdoc is vulnerable to Missing Cryptographic Step

5.3CVSS5AI score0.00099EPSS

CVE•added 2022/03/15 4:15 p.m.•82 views

CVE-2022-0965

Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4.

9CVSS5.7AI score0.00364EPSS

CVE•added 2021/11/13 10:15 a.m.•65 views

CVE-2021-3776

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

5.8CVSS4.9AI score0.00112EPSS

CVE•added 2022/01/26 1:15 p.m.•61 views

CVE-2022-0362

SQL Injection in Packagist showdoc/showdoc prior to 2.10.3.

9.8CVSS8.4AI score0.00274EPSS

CVE•added 2021/11/13 10:15 a.m.•59 views

CVE-2021-3683

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

6.5CVSS5.9AI score0.00112EPSS

CVE•added 2022/01/03 3:15 a.m.•59 views

CVE-2022-0079

showdoc is vulnerable to Generation of Error Message Containing Sensitive Information

5.3CVSS5.1AI score0.00194EPSS

CVE•added 2021/10/22 12:15 p.m.•58 views

CVE-2021-41745

ShowDoc 2.8.3 ihas a file upload vulnerability, where attackers can use the vulnerability to obtain server permissions.

9.8CVSS9.3AI score0.00328EPSS

CVE•added 2021/09/08 9:15 p.m.•57 views

CVE-2021-36440

Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' parameter in the component AdminUpdateController.class.php'.

9.8CVSS9.7AI score0.36807EPSS

CVE•added 2022/01/22 12:15 p.m.•54 views

CVE-2021-4172

Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2.

6.5CVSS5.4AI score0.00195EPSS

CVE•added 2021/11/13 10:15 a.m.•53 views

CVE-2021-3775

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

5.8CVSS4.9AI score0.00112EPSS

CVE•added 2021/12/26 2:15 p.m.•52 views

CVE-2021-4168

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

8.8CVSS7.4AI score0.00145EPSS

CVE•added 2021/12/01 11:15 a.m.•50 views

CVE-2021-4017

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

8.8CVSS7.9AI score0.00142EPSS

CVE•added 2021/12/01 11:15 a.m.•48 views

CVE-2021-3990

showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

6.5CVSS6.4AI score0.00301EPSS

CVE•added 2021/12/01 11:15 a.m.•40 views

CVE-2021-3989

showdoc is vulnerable to URL Redirection to Untrusted Site

6.5CVSS6.1AI score0.00207EPSS

CVE•added 2018/11/22 5:29 a.m.•38 views

CVE-2018-19433

ShowDoc 2.4.1 has XSS via the lang parameter because install/database.php mishandles the $cur_lang value.

6.1CVSS5.9AI score0.0024EPSS

CVE•added 2021/12/01 11:15 a.m.•38 views

CVE-2021-3993

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

6.5CVSS5.3AI score0.00161EPSS

CVE•added 2021/12/03 11:15 a.m.•37 views

CVE-2021-4000

showdoc is vulnerable to URL Redirection to Untrusted Site

6.5CVSS6.2AI score0.00285EPSS

CVE•added 2018/11/28 8:29 a.m.•34 views

CVE-2018-19621

server/index.php?s=/api/teamMember/save in ShowDoc 2.4.2 has a CSRF that can add members to a team.

6.5CVSS6.3AI score0.00117EPSS

CVE•added 2018/11/28 8:29 a.m.•33 views

CVE-2018-19620

ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified page_id.

4.3CVSS4.6AI score0.0014EPSS

CVE•added 2018/11/27 4:29 p.m.•30 views

CVE-2018-19609

ShowDoc 2.4.1 allows remote attackers to obtain sensitive information by navigating with a modified page_id, as demonstrated by reading note content, or discovering a username in the JSON data at a diff URL.

6.5CVSS6.2AI score0.00225EPSS

CVE•added 2018/09/02 6:29 p.m.•27 views

CVE-2018-16342

ShowDoc v1.8.0 has XSS via a new page.

5.4CVSS5.1AI score0.00191EPSS