Vendor
Codiad
Products
1
CVEs
4
Across products
4
Status
Private
Products
1- 4 CVEs
Recent CVEs
4| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-1000125 | Hig | 0.49 | 7.5 | 0.00 | Nov 17, 2017 | Codiad(full version) is vulnerable to write anything to configure file in the installation resulting upload a webshell. | |
| CVE-2014-9581 | 0.04 | — | 0.12 | Jan 8, 2015 | Directory traversal vulnerability in components/filemanager/download.php in Codiad 2.4.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information. | ||
| CVE-2014-9582 | 0.03 | — | 0.01 | Jan 8, 2015 | Cross-site scripting (XSS) vulnerability in components/filemanager/dialog.php in Codiad 2.4.3 allows remote attackers to inject arbitrary web script or HTML via the short_name parameter in a rename action. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information. | ||
| CVE-2013-7257 | 0.00 | — | 0.00 | Jan 3, 2014 | Cross-site scripting (XSS) vulnerability in Codiad 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the Project Name field. |