Home/Product/codiad
Product

codiad

14 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-26557
all versions
Codiad v2.8.4 allows reflected XSS via the components/market/dialog.php type parameter.
5.4MEDIUM
 CVE-2017-20178
all versions
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in Codiad 2.8.0. It has been rated as problematic. Affected by this issu
3.1LOW
 CVE-2020-23355
all versions
PRODUCT NOT SUPPORTED WHEN ASSIGNED Codiad 2.8.4 /componetns/user/class.user.php:Authenticate() is vulnerable in magic hash
7.5HIGH
 CVE-2020-14042
>= 1.7.8
PRODUCT NOT SUPPORTED WHEN ASSIGNED A Cross Site Scripting (XSS) vulnerability was found in Codiad v1.7.8 and later. The vul
6.1MEDIUM
 CVE-2020-14044
>= 1.7.8
PRODUCT NOT SUPPORTED WHEN ASSIGNED A Server-Side Request Forgery (SSRF) vulnerability was found in Codiad v1.7.8 and later.
7.2HIGH
 CVE-2020-14043
>= 1.7.8
PRODUCT NOT SUPPORTED WHEN ASSIGNED A Cross Side Request Forgery (CSRF) vulnerability was found in Codiad v1.7.8 and later.
8.8HIGH
 CVE-2019-19208
<= 2.8.4
Codiad Web IDE through 2.8.4 allows PHP Code injection.
9.8CRITICAL
 CVE-2018-19423
all versions
Codiad 2.8.4 allows remote authenticated administrators to execute arbitrary code by uploading an executable file.
7.2HIGH
 CVE-2018-14009
<= 2.8.4
Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689.
9.8CRITICAL
 CVE-2017-1000125
all versions
Codiad(full version) is vulnerable to write anything to configure file in the installation resulting upload a webshell.
7.5HIGH
 CVE-2017-11366
<= 2.8.3
components/filemanager/class.filemanager.php in Codiad before 2.8.4 is vulnerable to remote command execution because shell comman
9.8CRITICAL
 CVE-2014-9582
all versions
Cross-site scripting (XSS) vulnerability in components/filemanager/dialog.php in Codiad 2.4.3 allows remote attackers to inject ar
 CVE-2014-9581
all versions
Directory traversal vulnerability in components/filemanager/download.php in Codiad 2.4.3 allows remote attackers to read arbitrary
 CVE-2013-7257
all versions
Cross-site scripting (XSS) vulnerability in Codiad 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the Pr
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Coverage report
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns TAXII feed Data sources
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh