Vulnerabilities > Kujirahand > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-12-05 CVE-2022-41642 OS Command Injection vulnerability in Kujirahand Nadesiko3
OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.
network
low complexity
kujirahand CWE-78
critical
 9.8
9.8
2022-12-05 CVE-2022-42496 OS Command Injection vulnerability in Kujirahand Nadesiko3
OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product.
network
low complexity
kujirahand CWE-78
critical
 9.8
9.8
2021-05-20 CVE-2021-20720 SQL Injection vulnerability in Kujirahand Konawiki
SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors.
network
low complexity
kujirahand CWE-89
critical
 9.8
9.8
2021-05-20 CVE-2021-20721 Unrestricted Upload of File with Dangerous Type vulnerability in Kujirahand Konawiki
KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors.
network
low complexity
kujirahand CWE-434
critical
 9.8
9.8