Diaowen Dwsurvey
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Diaowen Dwsurvey.
By the Year
In 2026 there have been 0 vulnerabilities in Diaowen Dwsurvey. Dwsurvey did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 2 | 7.95 |
| 2022 | 2 | 9.80 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 2 | 0.00 |
It may take a day or so for new Dwsurvey vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Diaowen Dwsurvey Security Vulnerabilities
File Upload exec in DWSurvey-OSS v3.2.0 via saveimage/savveFile
CVE-2023-40980
9.8 - Critical
- September 01, 2023
File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file.
Unrestricted File Upload
XSS in wkeyuan DWSurvey 1.0 via qu-multi-fillblank!answers.action
CVE-2020-20070
6.1 - Medium
- June 20, 2023
Cross Site Scripting vulnerability found in wkeyuan DWSurvey 1.0 allows a remote attacker to execute arbitrary code via thequltemld parameter of the qu-multi-fillblank!answers.action file.
XSS
DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability
CVE-2021-39384
9.8 - Critical
- March 20, 2022
DWSurvey v3.2.0 was discovered to contain an arbitrary file write vulnerability via the component /utils/ToHtmlServlet.java.
Unrestricted File Upload
DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability
CVE-2021-39383
9.8 - Critical
- March 20, 2022
DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the component /sysuser/SysPropertyAction.java.
Code Injection
DWSurvey through 2019-07-22 has reflected XSS
CVE-2019-15095
- August 16, 2019
DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi-fillblank!answers.action surveyId parameter.
DWSurvey through 2019-07-22 has stored XSS
CVE-2019-14747
- August 07, 2019
DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-design!copySurvey.action surveyName parameter.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Diaowen Dwsurvey or by Diaowen? Click the Watch button to subscribe.
