ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified page_id.
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.10.4.
File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4.
Stored XSS via File Upload in GitHub repository star7th/showdoc prior to 2.10.4.
Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS via File Upload in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.4.10.
Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.
Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4.
Stored XSS via file upload in GitHub repository star7th/showdoc prior to v2.10.4.
Stored xss in showdoc through file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4.
Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4.
Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2.
Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2.
A SQL injection vulnerability was found in showdoc.
Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc
showdoc is vulnerable to Generation of Error Message Containing Sensitive Information