Kujirahand

kujirahand

8 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-42496 1Kujirahand 1Nadesiko3 Apr 24, 2025 Dec 5, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product.
CVE-2022-41777 1Kujirahand 1Nadesiko3 Apr 24, 2025 Dec 5, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of...Show more Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash.Show less
CVE-2022-41642 1Kujirahand 1Nadesiko3 Apr 24, 2025 Dec 5, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.
CVE-2021-20721 1Kujirahand 1Konawiki Nov 21, 2024 May 20, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 KonaWiki2 versions prior to 2.2.4 allows a remote attacker to upload arbitrary files via unspecified vectors. If the file contains PHP scripts, arbitrary code may be executed.
CVE-2021-20720 1Kujirahand 1Konawiki Nov 21, 2024 May 20, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 SQL injection vulnerability in the KonaWiki2 versions prior to 2.2.4 allows remote attackers to execute arbitrary SQL commands and to obtain/alter the information stored in the database via unspecified vectors.
CVE-2020-5614 1Kujirahand 1Konawiki Nov 21, 2024 Jul 29, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors.
CVE-2020-5613 1Kujirahand 1Konawiki Nov 21, 2024 Jul 29, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to execute an arbitrary script via a specially crafted URL.
CVE-2020-5612 1Kujirahand 1Konawiki Nov 21, 2024 Jul 29, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting vulnerability in KonaWiki 2.2.0 and earlier allows remote attackers to execute an arbitrary script via a specially crafted URL.