Kujirahand: >> Nadesiko3 >> 3.0.53 Security Vulnerabilities
OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-12-05
OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.
CVSS Score
9.8
EPSS Score
0.007
Published
2022-12-05
Improper check or handling of exceptional conditions vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to inject an invalid value to decodeURIComponent of nako3edit, which may lead the server to crash.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-12-05