12 matches found
EUVD-2016-8694
Malware in sbrugna...
EUVD-2016-8693
Malware in sbrugna...
Design/Logic Flaw
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload arbitrary files as a user profile image, which may be exploited for unauthorized file sharing...
CVE-2016-7844
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template...
CVE-2016-7844
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template...
CVE-2016-7845
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload arbitrary files as a user profile image, which may be exploited for unauthorized file sharing...
CVE-2016-7845
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload arbitrary files as a user profile image, which may be exploited for unauthorized file sharing...
CVE-2016-7844
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template...
CVE-2016-7845
CVE-2016-7845 affects GigaCC OFFICE (ver. 2.3 and earlier). The vulnerability allows remote attackers to upload arbitrary files as a user profile image, enabling potential unauthorized file sharing. The JVN/JVNDB entry and JVNDB-2017-001054 description corroborate an arbitrary file upload via the...
CVE-2016-7844
CVE-2016-7844 is linked to GigaCC OFFICE, with affected versions up to 2.3 and earlier. The connected JVN entry (J VNDB-2017-001053) identifies the root cause as a misconfiguration of the Apache Velocity template engine used for sending emails. This misconfiguration can allow a remote attacker to...
Arbitrary file upload vulnerability in GigaCC OFFICE
Overview GigaCC OFFICE provided by WAM!NET Japan K.K. contains a vulnerability where arbitrary files may be uploaded. WAM!NET Japan K.K. and the following people reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and WAM!NET Japan K.K. coordinated...
Mis-configuration of Apache Velocity template engine used to send emails in GigaCC OFFICE
Overview GigaCC OFFICE provided by WAM!NET Japan K.K. contains mis-configuration of Apache Velocity template engine which is used to send emails. WAM!NET Japan K.K. and the following people reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and...