star7th

25 exploits Active since Nov 2018
CVE-2022-0967 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Stored Cross-Site Scripting via File Upload
Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.10.4.
CVSS 5.4
CVE-2018-19620 WRITEUP MEDIUM WRITEUP
showdoc < 2.4.2 - Unauthenticated Incorrect Access Control via Modified page_id
ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified page_id.
CVSS 4.3
CVE-2021-3775 WRITEUP MEDIUM WRITEUP
showdoc < 2.9.12 - Cross-Site Request Forgery
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS 5.4
CVE-2021-3776 WRITEUP MEDIUM WRITEUP
showdoc < 2.9.12 and >= 0 < 2.9.13 - Cross-Site Request Forgery
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS 5.4
CVE-2021-3989 WRITEUP MEDIUM WRITEUP
showdoc < 2.9.13 - Open Redirect
showdoc is vulnerable to URL Redirection to Untrusted Site
CVSS 6.1
CVE-2021-3990 WRITEUP MEDIUM WRITEUP
showdoc < 2.9.13 - Use of Cryptographically Weak Pseudo-Random Number Generator
showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CVSS 6.5
CVE-2021-3993 WRITEUP MEDIUM WRITEUP
showdoc < 2.9.13 - Cross-Site Request Forgery
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS 6.5
CVE-2021-4168 WRITEUP HIGH WRITEUP
showdoc < 2.9.15 - Cross-Site Request Forgery
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS 8.8
CVE-2021-4172 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.2 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2.
CVSS 5.4
CVE-2022-0362 WRITEUP CRITICAL WRITEUP
Packagist showdoc/showdoc <2.10.3 - SQL Injection
SQL Injection in Packagist showdoc/showdoc prior to 2.10.3.
CVSS 9.8
CVE-2022-0409 WRITEUP HIGH WRITEUP
Packagist showdoc/showdoc <2.10.2 - File Injection
Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2.
CVSS 7.8
CVE-2022-0880 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.2 - Stored Cross-Site Scripting
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2.
CVSS 5.4
CVE-2022-0937 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Stored Cross-Site Scripting via File Upload
Stored xss in showdoc through file upload in GitHub repository star7th/showdoc prior to 2.10.4.
CVSS 5.4
CVE-2022-0942 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Stored Cross-Site Scripting via Unrestricted File Upload
Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4.
CVSS 5.4
CVE-2022-0945 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Stored Cross-Site Scripting via File Upload
Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.
CVSS 5.4
CVE-2022-0946 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Stored Cross-Site Scripting via CSHTM File Upload
Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4.
CVSS 5.4
CVE-2022-0950 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Unrestricted Upload of File with Dangerous Type
Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4.
CVSS 5.4
CVE-2022-0951 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - File Upload Restriction Bypass and Stored Cross-Site Scripting
File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4.
CVSS 6.1
CVE-2022-0956 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Stored Cross-Site Scripting via File Upload
Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4.
CVSS 5.4
CVE-2022-0960 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Stored Cross-Site Scripting via .properties File Upload
Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.
CVSS 5.4
CVE-2022-0962 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Stored Cross-Site Scripting via .webma File Upload
Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.
CVSS 5.4
CVE-2022-0964 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Stored Cross-Site Scripting via .webmv File Upload
Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4.
CVSS 5.4
CVE-2022-0965 WRITEUP MEDIUM WRITEUP
showdoc < 2.10.4 - Stored Cross-Site Scripting via .ofd File Upload
Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4.
CVSS 5.4
CVE-2022-0966 WRITEUP MEDIUM WRITEUP
showdoc < 2.4.10 - Stored Cross-Site Scripting via File Upload
Stored XSS via File Upload in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.4.10.
CVSS 5.4
CVE-2022-1034 WRITEUP HIGH WRITEUP
showdoc < 2.10.4 - Unrestricted Upload of File with Dangerous Type
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4.
CVSS 7.2