Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-39383 | 1 Diaowen | 1 Dwsurvey | 2022-07-12 | 7.5 HIGH | 9.8 CRITICAL |
DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the component /sysuser/SysPropertyAction.java. | |||||
CVE-2021-39384 | 1 Diaowen | 1 Dwsurvey | 2022-03-28 | 7.5 HIGH | 9.8 CRITICAL |
DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java. | |||||
CVE-2019-15095 | 1 Diaowen | 1 Dwsurvey | 2019-08-26 | 4.3 MEDIUM | 6.1 MEDIUM |
DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter. | |||||
CVE-2019-14747 | 1 Diaowen | 1 Dwsurvey | 2019-08-12 | 4.3 MEDIUM | 6.1 MEDIUM |
DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-design!copySurvey.action surveyName parameter. |