Vulnerabilities (CVE)

Filtered by vendor Kujirahand Subscribe
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-42496 1 Kujirahand 1 Nadesiko3 2024-11-21 N/A 9.8 CRITICAL
OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product.
CVE-2022-41777 1 Kujirahand 1 Nadesiko3 2024-11-21 N/A 7.5 HIGH
Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash.
CVE-2022-41642 1 Kujirahand 1 Nadesiko3 2024-11-21 N/A 9.8 CRITICAL
OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.
CVE-2021-20721 1 Kujirahand 1 Konawiki 2024-11-21 7.5 HIGH 9.8 CRITICAL
KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.
CVE-2021-20720 1 Kujirahand 1 Konawiki 2024-11-21 7.5 HIGH 9.8 CRITICAL
SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors.
CVE-2020-5614 1 Kujirahand 1 Konawiki 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Directory traversal vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2020-5613 1 Kujirahand 1 Konawiki 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to execute an arbitrary script via a specially crafted URL.
CVE-2020-5612 1 Kujirahand 1 Konawiki 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in KonaWiki 2.2.0 and earlier allows remote attackers to execute an arbitrary script via a specially crafted URL.