VYPR
Get started
← All vendors
Vendor

Kujirahand

Sign in to watch
Products
4
CVEs
7
Across products
7
Status
Private

Products

4

Recent CVEs

7
CVESevRiskCVSSEPSSKEVPublishedDescription
CVE-2025-55037Cri0.579.80.00Sep 5, 2025Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, an arbitrary OS command may be executed by a remote unauthenticated attacker if the settings are configured to construct messages from external sources.
CVE-2025-55671Hig0.447.80.00Sep 5, 2025Uncontrolled search path element issue exists in TkEasyGUI versions prior to v1.0.22. If this vulnerability is exploited, arbitrary code may be executed with the privilege of running the program.
CVE-2022-424960.000.02Dec 5, 2022OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product.
CVE-2022-416420.000.02Dec 5, 2022OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.
CVE-2022-417770.000.04Dec 5, 2022Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash.
CVE-2021-207210.000.01May 20, 2021KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.
CVE-2021-207200.000.01May 20, 2021SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors.