Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

KonaWiki2

Source -

CNA

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
2Vulnerabilities found
CVE-2021-20721
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.68% / 70.53%
||
7 Day CHG~0.00%
Published-20 May, 2021 | 01:15
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.

Action-Not Available
Vendor-kujirahandkujirahand
Product-konawikiKonaWiki2
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-20720
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.54% / 66.53%
||
7 Day CHG~0.00%
Published-20 May, 2021 | 01:15
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors.

Action-Not Available
Vendor-kujirahandkujirahand
Product-konawikiKonaWiki2
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')