Vulnerabilities > Codiad
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-21 | CVE-2017-20178 | Unspecified vulnerability in Codiad 2.8.0 ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Codiad 2.8.0. | 7.5 |
2021-01-27 | CVE-2020-23355 | Unspecified vulnerability in Codiad 2.8.4 ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate() is vulnerable in magic hash authentication bypass. | 7.5 |
2020-08-25 | CVE-2020-14042 | Cross-site Scripting vulnerability in Codiad ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Site Scripting (XSS) vulnerability was found in Codiad v1.7.8 and later. | 6.1 |
2020-08-24 | CVE-2020-14044 | Server-Side Request Forgery (SSRF) vulnerability in Codiad ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forgery (SSRF) vulnerability was found in Codiad v1.7.8 and later. | 7.2 |
2020-08-24 | CVE-2020-14043 | Cross-Site Request Forgery (CSRF) vulnerability in Codiad ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Side Request Forgery (CSRF) vulnerability was found in Codiad v1.7.8 and later. | 8.8 |
2020-03-16 | CVE-2019-19208 | Code Injection vulnerability in Codiad Codiad Web IDE through 2.8.4 allows PHP Code injection. | 9.8 |
2018-11-21 | CVE-2018-19423 | Unrestricted Upload of File with Dangerous Type vulnerability in Codiad 2.8.4 Codiad 2.8.4 allows remote authenticated administrators to execute arbitrary code by uploading an executable file. | 7.2 |
2018-07-12 | CVE-2018-14009 | Improper Input Validation vulnerability in Codiad Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689. | 9.8 |
2017-11-17 | CVE-2017-1000125 | Incorrect Permission Assignment for Critical Resource vulnerability in Codiad Codiad(full version) is vulnerable to write anything to configure file in the installation resulting upload a webshell. | 7.5 |
2017-08-21 | CVE-2017-11366 | OS Command Injection vulnerability in Codiad components/filemanager/class.filemanager.php in Codiad before 2.8.4 is vulnerable to remote command execution because shell commands can be embedded in parameter values, as demonstrated by search_file_type. | 9.8 |