30 matches found
EUVD-2015-5618
Malware in sbrugna...
EUVD-2015-5621
Malware in sbrugna...
EUVD-2015-5620
Malware in sbrugna...
Techno Project Japan Enisys Gw Security Bypass Vulnerability
Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A security vulnerability exists in Techno Project Japan Enisys Gw that can be exploited by remote attackers to bypass security restrictions and read arbitrary web ROOT files...
Techno Project Japan Enisys Gw Arbitrary Code Execution Vulnerability
Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A security vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to write to arbitrary files and execute arbitrary code...
Techno Project Japan Enisys Gw SQL Injection Vulnerability
Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A SQL injection vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to submit specially crafted SQL queries or obtain database data...
Techno Project Japan Enisys Gw Cross-Site Scripting Vulnerability
Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A cross-site scripting vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to inject malicious script or HTML code that, when viewed with malicious data,...
CVE-2015-5671
Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to bypass intended access restrictions and read arbitrary uploaded files via unspecified vectors...
CVE-2015-5670
Cross-site scripting XSS vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-5669
Techno Project Japan Enisys Gw before 1.4.1 allows remote authenticated users to write to arbitrary files and consequently execute arbitrary code via unspecified vectors...
CVE-2015-5668
SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Design/Logic Flaw
Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to bypass intended access restrictions and read arbitrary uploaded files via unspecified vectors...
Sql injection
SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Code injection
Techno Project Japan Enisys Gw before 1.4.1 allows remote authenticated users to write to arbitrary files and consequently execute arbitrary code via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-5668
SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2015-5668
The CVE-2015-5668 entry concerns Techno Project Japan Enisys Gw, an open-source groupware product. A SQL injection vulnerability (CWE-89) exists in Enisys Gw prior to 1.4.1, allowing remote, unauthenticated attackers to submit specially crafted SQL queries to obtain or alter data stored in the da...
CVE-2015-5670
Cross-site scripting XSS vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-5671
CVE-2015-5671 concerns Techno Project Japan’s Enisys Gw open-source groupware. Affected: Enisys Gw 1.4.0 and earlier. Root cause: failure to restrict access permissions, allowing a remote unauthenticated attacker to read arbitrary files uploaded to the product via unspecified vectors. Impact, as ...
CVE-2015-5669
Enisys Gw (Techno Project Japan) is affected up to version 1.4.0; CVE-2015-5669 describes a vulnerability that allows a remote authenticated user to create arbitrary files, which can lead to arbitrary code execution on the server. The JVN entry specifies Enisys Gw 1.4.0 and earlier as affected, w...