ReportizFlow
Filtered by vendor Diaowen
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-20070 | 1 Diaowen | 1 Dwsurvey | 2024-12-11 | 6.1 Medium |
| Cross Site Scripting vulnerability found in wkeyuan DWSurvey 1.0 allows a remote attacker to execute arbitrary code via thequltemld parameter of the qu-multi-fillblank!answers.action file. | ||||
| CVE-2023-40980 | 1 Diaowen | 1 Dwsurvey | 2024-11-21 | 9.8 Critical |
| File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file. | ||||
| CVE-2021-39384 | 1 Diaowen | 1 Dwsurvey | 2024-11-21 | 9.8 Critical |
| DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java. | ||||
| CVE-2021-39383 | 1 Diaowen | 1 Dwsurvey | 2024-11-21 | 9.8 Critical |
| DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the component /sysuser/SysPropertyAction.java. | ||||
| CVE-2019-15095 | 1 Diaowen | 1 Dwsurvey | 2024-11-21 | N/A |
| DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter. | ||||
| CVE-2019-14747 | 1 Diaowen | 1 Dwsurvey | 2024-11-21 | N/A |
| DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-design!copySurvey.action surveyName parameter. | ||||
Page 1 of 1.