Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

konawiki

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

5
Related CVEsRelated VendorsRelated AssignersReports
5Vulnerabilities found
CVE-2021-20721
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.68% / 70.53%
||
7 Day CHG~0.00%
Published-20 May, 2021 | 01:15
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.

Action-Not Available
Vendor-kujirahandkujirahand
Product-konawikiKonaWiki2
CWE ID-CWE-434
Unrestricted Upload of File with Dangerous Type
CVE-2021-20720
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-9.8||CRITICAL
EPSS-0.54% / 66.53%
||
7 Day CHG~0.00%
Published-20 May, 2021 | 01:15
Updated-03 Aug, 2024 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors.

Action-Not Available
Vendor-kujirahandkujirahand
Product-konawikiKonaWiki2
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2020-5614
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-5.3||MEDIUM
EPSS-0.26% / 48.92%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 01:05
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors.

Action-Not Available
Vendor-kujirahandkujirahand
Product-konawikiKonaWiki
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2020-5613
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-6.1||MEDIUM
EPSS-0.42% / 61.22%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 01:05
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to execute an arbitrary script via a specially crafted URL.

Action-Not Available
Vendor-kujirahandkujirahand
Product-konawikiKonaWiki
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-5612
Assigner-JPCERT/CC
ShareView Details
Assigner-JPCERT/CC
CVSS Score-6.1||MEDIUM
EPSS-0.42% / 61.22%
||
7 Day CHG~0.00%
Published-29 Jul, 2020 | 01:05
Updated-04 Aug, 2024 | 08:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cross-site scripting vulnerability in KonaWiki 2.2.0 and earlier allows remote attackers to execute an arbitrary script via a specially crafted URL.

Action-Not Available
Vendor-kujirahandkujirahand
Product-konawikiKonaWiki
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')