Star7Th Showdoc vulnerabilities
34 known vulnerabilities affecting star7th/star7th_showdoc.
Total CVEs
34
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM29
Vulnerabilities
Page 1 of 2
CVE-2022-0362P3CRITICALCVSS 9.8≥ unspecified, < 2.10.32022-01-26
CVE-2022-0362 [CRITICAL] CWE-89 CVE-2022-0362: SQL Injection in Packagist showdoc/showdoc prior to 2.10.3.
SQL Injection in Packagist showdoc/showdoc prior to 2.10.3.
nvd
CVE-2022-0967P3MEDIUMCVSS 5.4PoC≥ unspecified, < 2.10.42022-03-15
CVE-2022-0967 [MEDIUM] CWE-79 CVE-2022-0967: Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in GitHub repository star7th/showdo
Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.10.4.
nvd
CVE-2022-1034P3HIGHCVSS 7.2≥ unspecified, < 2.10.42022-03-22
CVE-2022-1034 [HIGH] CWE-434 CVE-2022-1034: There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4.
nvd
CVE-2022-0409P3HIGHCVSS 7.8≥ unspecified, < 2.10.22022-02-19
CVE-2022-0409 [HIGH] CWE-434 CVE-2022-0409: Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2.
Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2.
nvd
CVE-2021-4168P4HIGHCVSS 8.8≥ unspecified, < 2.9.152021-12-26
CVE-2021-4168 [HIGH] CWE-352 CVE-2021-4168: showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
nvd
CVE-2021-4017P4HIGHCVSS 8.8≥ unspecified, < v2.9.132021-12-01
CVE-2021-4017 [HIGH] CWE-352 CVE-2021-4017: showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
nvd
CVE-2021-3990P4MEDIUMCVSS 6.5≥ unspecified, < 2.9.132021-12-01
CVE-2021-3990 [MEDIUM] CWE-338 CVE-2021-3990: showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
nvd
CVE-2022-0951P4MEDIUMCVSS 6.1≥ unspecified, < 2.10.42022-03-15
CVE-2022-0951 [MEDIUM] CWE-434 CVE-2022-0951: File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/show
File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4.
nvd
CVE-2022-0950P4MEDIUMCVSS 5.4≥ unspecified, < 2.10.42022-03-15
CVE-2022-0950 [MEDIUM] CWE-434 CVE-2022-0950: Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4
Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4.
nvd
CVE-2021-3993P4MEDIUMCVSS 6.5≥ unspecified, < v2.9.132021-12-01
CVE-2021-3993 [MEDIUM] CWE-352 CVE-2021-3993: showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
nvd
CVE-2021-3683P4MEDIUMCVSS 6.5≥ unspecified, ≤ 2.9.122021-11-13
CVE-2021-3683 [MEDIUM] CWE-352 CVE-2021-3683: showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
nvd
CVE-2021-3678P4MEDIUMCVSS 5.9≥ unspecified, ≤ 2.9.72021-08-04
CVE-2021-3678 [MEDIUM] CWE-338 CVE-2021-3678: showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
nvd
CVE-2022-0965P4MEDIUMCVSS 5.4≥ unspecified, < 2.10.42022-03-15
CVE-2022-0965 [MEDIUM] CWE-79 CVE-2022-0965: Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4.
nvd
CVE-2022-0962P4MEDIUMCVSS 5.4≥ unspecified, < 2.10.42022-03-14
CVE-2022-0962 [MEDIUM] CWE-434 CVE-2022-0962: Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.
nvd
CVE-2022-0960P4MEDIUMCVSS 5.4≥ unspecified, < 2.10.42022-03-14
CVE-2022-0960 [MEDIUM] CWE-434 CVE-2022-0960: Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.
nvd
CVE-2022-0964P4MEDIUMCVSS 5.4≥ unspecified, < 2.10.42022-03-15
CVE-2022-0964 [MEDIUM] CWE-79 CVE-2022-0964: Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4.
nvd
CVE-2022-0946P4MEDIUMCVSS 5.4≥ unspecified, < v2.10.42022-03-14
CVE-2022-0946 [MEDIUM] CWE-79 CVE-2022-0946: Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4.
Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4.
nvd
CVE-2022-0945P4MEDIUMCVSS 5.4≥ unspecified, < v2.10.42022-03-15
CVE-2022-0945 [MEDIUM] CWE-434 CVE-2022-0945: Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc p
Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.
nvd
CVE-2022-0957P4MEDIUMCVSS 5.4≥ unspecified, < 2.10.42022-03-15
CVE-2022-0957 [MEDIUM] CWE-79 CVE-2022-0957: Stored XSS via File Upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS via File Upload in GitHub repository star7th/showdoc prior to 2.10.4.
nvd
CVE-2022-0942P4MEDIUMCVSS 5.4≥ unspecified, < 2.10.42022-03-15
CVE-2022-0942 [MEDIUM] CWE-79 CVE-2022-0942: Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4.
nvd
1 / 2Next →