Vulnerabilities > Sofawiki Project

DATE CVE VULNERABILITY TITLE RISK
2023-05-24 CVE-2023-29721 Unrestricted Upload of File with Dangerous Type vulnerability in Sofawiki Project Sofawiki 3.8.9
SofaWiki <= 3.8.9 has a file upload vulnerability that leads to command execution.
network
low complexity
sofawiki-project CWE-434
critical
9.8
2023-05-18 CVE-2023-29720 Cross-site Scripting vulnerability in Sofawiki Project Sofawiki 3.8.9
SofaWiki <=3.8.9 is vulnerable to Cross Site Scripting (XSS) via index.php.
network
low complexity
sofawiki-project CWE-79
6.1