Skip to main content

Showdoc CVE-2021-3680

MEDIUM
Missing Cryptographic Step (CWE-325)
2021-08-04 security@huntr.dev
4.9
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.9 MEDIUM
AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 04, 2021 - 13:15 nvd
MEDIUM 4.9

DescriptionNVD

showdoc is vulnerable to Missing Cryptographic Step

AnalysisAI

showdoc is vulnerable to Missing Cryptographic Step. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Technical ContextAI

This vulnerability is classified under CWE-325. Affected products include: Showdoc.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2021-36440 CRITICAL POC
9.8 Sep 08

Unrestricted File Upload in ShowDoc v2.9.5 allows remote attackers to execute arbitrary code via the 'file_url' paramete

CVE-2021-4168 HIGH POC
8.8 Dec 26

showdoc is vulnerable to Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remote

CVE-2021-4017 HIGH POC
8.8 Dec 01

showdoc is vulnerable to Cross-Site Request Forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remote

CVE-2022-0409 HIGH POC
7.8 Feb 19

Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2. Rated high severity (CVSS

CVE-2022-1034 HIGH POC
7.2 Mar 22

There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.

CVE-2021-3993 MEDIUM POC
6.5 Dec 01

showdoc is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 6.5), this vulnerability is remo

CVE-2021-3990 MEDIUM POC
6.5 Dec 01

showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG). Rated medium severity (CVS

CVE-2021-3683 MEDIUM POC
6.5 Nov 13

showdoc is vulnerable to Cross-Site Request Forgery (CSRF). Rated medium severity (CVSS 6.5), this vulnerability is remo

CVE-2018-19621 MEDIUM POC
6.5 Nov 28

server/index.php?s=/api/teamMember/save in ShowDoc 2.4.2 has a CSRF that can add members to a team. Rated medium severit

CVE-2018-19609 MEDIUM POC
6.5 Nov 27

ShowDoc 2.4.1 allows remote attackers to obtain sensitive information by navigating with a modified page_id, as demonstr

CVE-2022-0951 MEDIUM POC
6.1 Mar 15

File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4.

CVE-2021-4000 MEDIUM POC
6.1 Dec 03

showdoc is vulnerable to URL Redirection to Untrusted Site. Rated medium severity (CVSS 6.1), this vulnerability is remo

Share

CVE-2021-3680 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy