| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-27413 | PwnDoc Arbitrary File Write to RCE using Path Traversal in template update from backup templates.json | pwndoc | pwndoc | Medium | 6.5 | 2025-02-28 21:02:36 | Deep Dive |
| CVE-2025-27410 | PwnDoc Arbitrary File Write to RCE using Path Traversal in backup restore as admin | pwndoc | pwndoc | Medium | 6.5 | 2025-02-28 21:00:11 | Deep Dive |
| CVE-2025-23044 | Cross-Site Request Forgery (CSRF) allows creating admin account with POST request | pwndoc | pwndoc | Medium | 6.8 | 2025-01-20 15:43:24 | Deep Dive |
| CVE-2024-55652 | PwnDoc Server-Side Template Injection vulnerability - Sandbox Escape to RCE using custom filters | pwndoc | pwndoc | Medium | 6.5 | 2024-12-11 22:41:17 | Deep Dive |
| CVE-2024-55653 | pwndoc's UnhandledPromiseRejection on audits causes Denial of Service (DoS) | pwndoc | pwndoc | Medium | 6.5 | 2024-12-10 22:56:07 | Deep Dive |
| CVE-2024-55602 | PenDoc vulnerable to Arbitrary File Read on updating and downloading templates using Path Traversal | pwndoc | pwndoc | High | 7.6 | 2024-12-10 16:58:13 | Deep Dive |