Vulnerabilities > Kujirahand
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-05 | CVE-2022-41642 | OS Command Injection vulnerability in Kujirahand Nadesiko3 OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product. | 9.8 |
| 2022-12-05 | CVE-2022-41777 | Unspecified vulnerability in Kujirahand Nadesiko3 Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash. | 7.5 |
| 2022-12-05 | CVE-2022-42496 | OS Command Injection vulnerability in Kujirahand Nadesiko3 OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product. | 9.8 |
| 2021-05-20 | CVE-2021-20720 | SQL Injection vulnerability in Kujirahand Konawiki SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors. | 9.8 |
| 2021-05-20 | CVE-2021-20721 | Unrestricted Upload of File with Dangerous Type vulnerability in Kujirahand Konawiki KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. | 9.8 |
| 2020-07-29 | CVE-2020-5614 | Path Traversal vulnerability in Kujirahand Konawiki Directory traversal vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors. | 5.3 |
| 2020-07-29 | CVE-2020-5613 | Cross-site Scripting vulnerability in Kujirahand Konawiki Cross-site scripting vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to execute an arbitrary script via a specially crafted URL. | 6.1 |
| 2020-07-29 | CVE-2020-5612 | Cross-site Scripting vulnerability in Kujirahand Konawiki Cross-site scripting vulnerability in KonaWiki 2.2.0 and earlier allows remote attackers to execute an arbitrary script via a specially crafted URL. | 6.1 |