CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

135 matches found

OSV•added 2018/01/26 4:29 p.m.•2 views

CVE-2017-2166

Open redirect vulnerability in GroupSession version 4.7.0 and earlier allows an attacker to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

6.1CVSS5.9AI score

Exploits0References1

Prion•added 2018/01/26 4:29 p.m.•11 views

Open redirect

Open redirect vulnerability in GroupSession version 4.7.0 and earlier allows an attacker to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

5.8CVSS6.1AI score0.00784EPSS

Exploits0References1Affected Software1

NVD•added 2018/01/26 4:29 p.m.•14 views

CVE-2017-2166

Open redirect vulnerability in GroupSession version 4.7.0 and earlier allows an attacker to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

6.1CVSS6.2AI score0.00784EPSS

Exploits0References1

CVE•added 2018/01/26 4:0 p.m.•41 views

CVE-2017-2166

CVE-2017-2166 is an open redirect vulnerability in GroupSession (Japan Total System Co., Ltd. GroupSession) affecting version 4.7.0 and earlier. The root cause is an open redirect (CWE-601) that could allow an attacker to redirect users to arbitrary websites, potentially enabling phishing. The is...

6.1CVSS6.1AI score0.00784EPSS

Exploits0References1Affected Software1

Cvelist•added 2018/01/26 4:0 p.m.•18 views

CVE-2017-2166

Open redirect vulnerability in GroupSession version 4.7.0 and earlier allows an attacker to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors...

6.1AI score0.00784EPSS

Exploits0References1

CNVD•added 2018/01/22 12:0 a.m.•3 views

Japan Total System GroupSession Open Redirect Vulnerability

Japan Total System GroupSession is a groupware project by Japan Total System JTS to facilitate communication among companies and organizations, aiming to promote information sharing. An open redirection vulnerability exists in Japan Total System GroupSession 4.7.0 and earlier versions. An attacke...

6.1CVSS6.7AI score0.00784EPSS

Exploits0References1

Japan Vulnerability Notes•added 2018/01/19 5:19 a.m.•3 views

GroupSession vulnerable to open redirect

Overview GroupSession provided by Japan Total System Co.,Ltd. is an open source groupware. GroupSession contains an open redirect vulnerability CWE-601. Norihiko Hirukawa of FiveDrive Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

6.1CVSS6.7AI score0.00784EPSS

Exploits0References5

Japan Vulnerability Notes•added 2018/01/19 12:0 a.m.•65 views

JVN#26200083: GroupSession vulnerable to open redirect

GroupSession provided by Japan Total System Co.,Ltd. is an open source groupware. GroupSession contains an open redirect vulnerability CWE-601. Impact When accessing a specially crafted page, the user may be redirected to an arbitrary website. As a result, the user may become a victim of a phishi...

6.1CVSS6.2AI score0.00784EPSS

Exploits0

NVD•added 2017/06/09 4:29 p.m.•19 views

CVE-2017-2165

GroupSession versions 4.6.4 and earlier allows remote authenticated attackers to bypass access restrictions to obtain sensitive information such as emails via unspecified vectors...

6.5CVSS6AI score0.01343EPSS

Exploits0References2

Prion•added 2017/06/09 4:29 p.m.•11 views

Authentication flaw

GroupSession versions 4.6.4 and earlier allows remote authenticated attackers to bypass access restrictions to obtain sensitive information such as emails via unspecified vectors...

4CVSS5.8AI score0.01343EPSS

Exploits0References2Affected Software1

Cvelist•added 2017/06/09 4:0 p.m.•21 views

CVE-2017-2165

GroupSession versions 4.6.4 and earlier allows remote authenticated attackers to bypass access restrictions to obtain sensitive information such as emails via unspecified vectors...

6AI score0.01343EPSS

Exploits0References2

CVE•added 2017/06/09 4:0 p.m.•49 views

CVE-2017-2165

CVE-2017-2165 affects GroupSession versions ≤ 4.6.4. The root cause is a failure to restrict access permissions, allowing remote authenticated attackers to bypass access controls and obtain sensitive information such as emails via unspecified vectors. Documented impact is authenticated access to ...

6.5CVSS5.8AI score0.01343EPSS

Exploits0References2Affected Software1

CNVD•added 2017/05/27 12:0 a.m.•5 views

Japan Total System GroupSession Unrestricted Access Vulnerability

Japan Total System GroupSession is a groupware project by Japan Total System JTS to facilitate communication among companies and organizations, aiming to promote information sharing. A security vulnerability exists in JTS GroupSession 4.6.4 and earlier versions, which stems from the program's...

6.5CVSS6.5AI score0.01343EPSS

Exploits0References1

Japan Vulnerability Notes•added 2017/05/25 5:14 a.m.•4 views

GroupSession fails to restrict access permissions

Overview GroupSession provided by Japan Total System Co.,Ltd. is open source groupware. GroupSession fails to restrict access permissions. Norihiko Hirukawa of FiveDrive Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

6.5CVSS6.5AI score0.01343EPSS

Exploits0References5

Japan Vulnerability Notes•added 2017/05/25 12:0 a.m.•31 views

JVN#42164352: GroupSession fails to restrict access permissions

GroupSession provided by Japan Total System Co.,Ltd. is open source groupware. GroupSession fails to restrict access permissions. Impact An authenticated attacker may obtain other user's senisitive information such as email. Solution Update the Software Update to the latest version according to t...

6.5CVSS6.3AI score0.01343EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by