Shodan
Vulnerabilities
Vulnerable Software
Weseek:  >> Growi  >> 3.5.9  Security Vulnerabilities
CVE-2020-5683
Directory traversal vulnerability in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier allows remote attackers to alter the data by uploading a specially crafted file.
CVSS Score
7.5
EPSS Score
0.01
Published
2020-12-16
CVE-2020-5682
Improper input validation in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier allows remote attackers to cause a denial of service via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.008
Published
2020-12-16
CVE-2020-5676
GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.006
Published
2020-12-03
CVE-2020-5677
Reflected cross-site scripting vulnerability in GROWI v4.0.0 and earlier allows remote attackers to inject arbitrary script via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-12-03
CVE-2020-5678
Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier allows remote attackers to inject arbitrary script via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.004
Published
2020-12-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved