Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:weseek:growi:3.5.6:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-5683 |
Directory traversal vulnerability in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier allows remote attackers to alter the data by uploading a specially crafted file. Published: December 16, 2020; 3:15:14 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2020-5682 |
Improper input validation in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier allows remote attackers to cause a denial of service via unspecified vectors. Published: December 16, 2020; 3:15:13 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2020-5678 |
Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier allows remote attackers to inject arbitrary script via unspecified vectors. Published: December 03, 2020; 7:15:11 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-5677 |
Reflected cross-site scripting vulnerability in GROWI v4.0.0 and earlier allows remote attackers to inject arbitrary script via unspecified vectors. Published: December 03, 2020; 7:15:11 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-5676 |
GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors. Published: December 03, 2020; 7:15:11 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |