Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Diaowen Subscribe
Filtered by product Dwsurvey
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-39383 1 Diaowen 1 Dwsurvey 2022-07-12 7.5 HIGH 9.8 CRITICAL
DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the component /sysuser/SysPropertyAction.java.
CVE-2021-39384 1 Diaowen 1 Dwsurvey 2022-03-28 7.5 HIGH 9.8 CRITICAL
DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java.
CVE-2019-15095 1 Diaowen 1 Dwsurvey 2019-08-26 4.3 MEDIUM 6.1 MEDIUM
DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter.
CVE-2019-14747 1 Diaowen 1 Dwsurvey 2019-08-12 4.3 MEDIUM 6.1 MEDIUM
DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-design!copySurvey.action surveyName parameter.