VYPR
Vendor

Star7th

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2025-0520CriApr 29, 2025
    risk 0.54cvss epss 0.01

    An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7.

  • CVE-2026-6982MedApr 25, 2026
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this vulnerability is an unknown functionality of the file server/Application/Api/Controller/PageController.class.PHP of the component API Page Sort Endpoint. Executing a manipulation of the…

  • CVE-2023-25578Feb 15, 2023
    risk 0.00cvss epss 0.01

    Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 1.5.2, the request body parsing in `starlite` allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipart body parser processes an unlimited…

  • CVE-2018-19433Nov 22, 2018
    risk 0.00cvss epss 0.01

    ShowDoc 2.4.1 has XSS via the lang parameter because install/database.php mishandles the $cur_lang value.