VulnerableCode Package Details - pkg:composer/showdoc/showdoc@2.10.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/showdoc/showdoc@2.10.2

Essentials
History (27)

purl	pkg:composer/showdoc/showdoc@2.10.2

Next non-vulnerable version	3.8.1
Latest non-vulnerable version	3.8.1
Risk	10.0

Vulnerabilities affecting this package (19)

Vulnerability	Summary	Fixed by
VCID-3n97-92yn-ckck Aliases: CVE-2022-0951 GHSA-j6jg-w79c-7p8v	File Upload Restriction Bypass leading to Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-93sj-gsh9-5bb1 Aliases: CVE-2022-0941 GHSA-wg4r-q74r-p7c8	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-auh1-nb9b-zfg3 Aliases: CVE-2022-0950 GHSA-v94v-pxqp-5qgj	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-deg7-4ma6-tyd2 Aliases: CVE-2022-0942 GHSA-9fcc-7g44-mxrj	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ewjx-puts-f7h4 Aliases: CVE-2022-0945 GHSA-vpwq-6cp4-ffqc	Stored Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-fk3v-vaj6-dka4 Aliases: CVE-2022-1034 GHSA-xp82-jmw8-mjxp	Unrestricted Upload of File with Dangerous Type in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-kjsp-v37r-yue1 Aliases: CVE-2022-0362 GHSA-9cq5-xgg4-x477	SQL Injection in showdoc	2.10.3 Affected by 19 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-kwse-tbqn-tqfr Aliases: CVE-2022-0965 GHSA-v8mp-hhjq-h4cj	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-m3mp-m3pq-fbd9 Aliases: CVE-2022-0956 GHSA-wg8p-w946-c482	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-mybn-n9zu-ukfm Aliases: CVE-2022-0960 GHSA-rphc-h572-2x9f	Cross-site Scripting in showdoc/showdoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ny73-vkpe-mye4 Aliases: CVE-2022-0937 GHSA-mg5h-9rhq-4cqx	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-pupy-jprc-17f4 Aliases: CVE-2022-0962 GHSA-pccm-j6vj-jwwf	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-s5vu-x24p-4uga Aliases: CVE-2022-0964 GHSA-xm3x-787m-p66r	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-u4xp-xb3z-r7dm Aliases: CVE-2022-0967 GHSA-3pg8-c473-w6rr	Stored Cross-site Scripting in showdoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-ubse-tfbr-audj Aliases: CVE-2026-6982 GHSA-fm5r-cj7v-rj2c	A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this vulnerability is an unknown functionality of the file server/Application/Api/Controller/PageController.class.PHP of the component API Page Sort Endpoint. Executing a manipulation of the argument pages can lead to sql injection. The attack may be launched remotely. Upgrading to version 3.8.1 addresses this issue. It is suggested to upgrade the affected component. According to the researcher, "[t]he vendor explicitly stated they will not backport patches to the older affected versions."	3.8.1 Affected by 0 other vulnerabilities.
VCID-urvq-g1g1-8bgy Aliases: CVE-2022-0940 GHSA-82j4-vr25-x394	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-vjve-v4fx-hffb Aliases: CVE-2022-0957 GHSA-q73m-3q7r-fpf7	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-x5zj-4exs-t7em Aliases: CVE-2022-0938 GHSA-mw75-qvfr-hpmr	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-zsvd-ysfj-gkad Aliases: CVE-2022-0946 GHSA-qq74-vgcf-54c3	Cross-site Scripting in ShowDoc	2.10.4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (3)

Vulnerability	Summary	Aliases
VCID-3ez4-xzmr-qbd6	Cross-site Scripting in ShowDoc	CVE-2022-0880 GHSA-gq77-3r6x-383w
VCID-pe2f-4yes-cyew	Unrestricted Upload of File with Dangerous Type in showdoc	CVE-2022-0409 GHSA-6x3j-x9rp-whxp
VCID-uwjs-9kjy-jqcp	Cross-site Scripting in showdoc	CVE-2021-4172 GHSA-7x22-pmw5-66mq

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T22:13:54.717904+00:00	GitLab Importer	Affected by	VCID-ubse-tfbr-audj	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2026-6982.yml	38.6.0
2026-06-12T18:03:13.442083+00:00	GitLab Importer	Affected by	VCID-fk3v-vaj6-dka4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-1034.yml	38.6.0
2026-06-12T18:02:33.284761+00:00	GitLab Importer	Affected by	VCID-u4xp-xb3z-r7dm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0967.yml	38.6.0
2026-06-12T18:02:32.582514+00:00	GitLab Importer	Affected by	VCID-m3mp-m3pq-fbd9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0956.yml	38.6.0
2026-06-12T18:02:31.875143+00:00	GitLab Importer	Affected by	VCID-vjve-v4fx-hffb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0957.yml	38.6.0
2026-06-12T18:02:29.486545+00:00	GitLab Importer	Affected by	VCID-3n97-92yn-ckck	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0951.yml	38.6.0
2026-06-12T18:02:26.795264+00:00	GitLab Importer	Affected by	VCID-ewjx-puts-f7h4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0945.yml	38.6.0
2026-06-12T18:02:26.090883+00:00	GitLab Importer	Affected by	VCID-deg7-4ma6-tyd2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0942.yml	38.6.0
2026-06-12T18:02:25.209428+00:00	GitLab Importer	Affected by	VCID-kwse-tbqn-tqfr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0965.yml	38.6.0
2026-06-12T18:02:23.710087+00:00	GitLab Importer	Affected by	VCID-auh1-nb9b-zfg3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0950.yml	38.6.0
2026-06-12T18:02:23.003489+00:00	GitLab Importer	Affected by	VCID-s5vu-x24p-4uga	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0964.yml	38.6.0
2026-06-12T18:02:21.246958+00:00	GitLab Importer	Affected by	VCID-x5zj-4exs-t7em	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0938.yml	38.6.0
2026-06-12T18:02:20.506987+00:00	GitLab Importer	Affected by	VCID-mybn-n9zu-ukfm	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0960.yml	38.6.0
2026-06-12T18:02:18.699416+00:00	GitLab Importer	Affected by	VCID-zsvd-ysfj-gkad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0946.yml	38.6.0
2026-06-12T18:02:17.753341+00:00	GitLab Importer	Affected by	VCID-93sj-gsh9-5bb1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0941.yml	38.6.0
2026-06-12T18:02:13.810398+00:00	GitLab Importer	Affected by	VCID-ny73-vkpe-mye4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0937.yml	38.6.0
2026-06-12T18:02:11.680397+00:00	GitLab Importer	Affected by	VCID-pupy-jprc-17f4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0962.yml	38.6.0
2026-06-12T18:02:10.283177+00:00	GitLab Importer	Affected by	VCID-urvq-g1g1-8bgy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0940.yml	38.6.0
2026-06-12T17:56:36.937167+00:00	GitLab Importer	Affected by	VCID-kjsp-v37r-yue1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0362.yml	38.6.0
2026-06-12T15:43:42.740912+00:00	GitLab Importer	Fixing	VCID-3ez4-xzmr-qbd6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0880.yml	38.6.0
2026-06-12T15:43:36.037480+00:00	GitLab Importer	Fixing	VCID-pe2f-4yes-cyew	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2022-0409.yml	38.6.0
2026-06-12T15:43:09.204511+00:00	GitLab Importer	Fixing	VCID-uwjs-9kjy-jqcp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/showdoc/showdoc/CVE-2021-4172.yml	38.6.0
2026-06-12T08:16:24.026827+00:00	GithubOSV Importer	Fixing	VCID-uwjs-9kjy-jqcp	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-7x22-pmw5-66mq/GHSA-7x22-pmw5-66mq.json	38.6.0
2026-06-12T08:15:46.455349+00:00	GithubOSV Importer	Fixing	VCID-pe2f-4yes-cyew	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-6x3j-x9rp-whxp/GHSA-6x3j-x9rp-whxp.json	38.6.0
2026-06-11T20:28:19.490885+00:00	GHSA Importer	Fixing	VCID-pe2f-4yes-cyew	https://github.com/advisories/GHSA-6x3j-x9rp-whxp	38.6.0
2026-06-11T20:27:42.475429+00:00	GHSA Importer	Fixing	VCID-uwjs-9kjy-jqcp	https://github.com/advisories/GHSA-7x22-pmw5-66mq	38.6.0
2026-06-11T20:27:39.783977+00:00	GHSA Importer	Affected by	VCID-kjsp-v37r-yue1	https://github.com/advisories/GHSA-9cq5-xgg4-x477	38.6.0