19 matches found
EUVD-2023-31623
Malicious code in bioql PyPI...
CVE-2023-27888
Cross-site scripting vulnerability in Joruri Gw Ver 3.2.5 and earlier allows a remote authenticated attacker to inject an arbitrary script via Message Memo function of the affected product...
CVE-2023-27888
Cross-site scripting vulnerability in Joruri Gw Ver 3.2.5 and earlier allows a remote authenticated attacker to inject an arbitrary script via Message Memo function of the affected product...
CVE-2023-27888
Cross-site scripting vulnerability in Joruri Gw Ver 3.2.5 and earlier allows a remote authenticated attacker to inject an arbitrary script via Message Memo function of the affected product...
Cross site scripting
Cross-site scripting vulnerability in Joruri Gw Ver 3.2.5 and earlier allows a remote authenticated attacker to inject an arbitrary script via Message Memo function of the affected product...
CVE-2023-27888
Cross-site scripting vulnerability in Joruri Gw Ver 3.2.5 and earlier allows a remote authenticated attacker to inject an arbitrary script via Message Memo function of the affected product...
CVE-2023-27888
CVE-2023-27888 affects Joruri Gw; vulnerable component is the Message Memo function in Joruri Gw versions 3.2.5 and earlier. The root cause is a cross-site scripting flaw that allows a remote authenticated attacker to inject arbitrary script, potentially impacting users’ browsers when they load t...
PT-2023-21394 · Joruri Gw · Joruri Gw
Name of the Vulnerable Software and Affected Versions: Joruri Gw versions 3.2.5 and earlier Description: A cross-site scripting issue allows a remote authenticated attacker to inject an arbitrary script via the Message Memo function of the affected product. Recommendations: For versions 3.2.5 and...
Joruri Gw vulnerable to cross-site scripting
Overview Joruri Gw provided by SiteBridge Inc. is groupware. Message Memo function of Joruri Gw contains a cross-site scripting vulnerability CWE-79. Tsutomu Aramaki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
JVN#87559956: Joruri Gw vulnerable to cross-site scripting
Joruri Gw provided by SiteBridge Inc. is groupware. Message Memo function of Joruri Gw contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is accessing the specific page of the product. Solution Update the software...
Joruri Gw 跨站脚本漏洞
Joruri Gw is a web portal of Joruri Inc. A security vulnerability exists in Joruri Gw. An attacker can exploit the vulnerability to execute arbitrary scripts...
SiteBridge Joruri Gw Arbitrary File Upload Vulnerability
SiteBridge Joruri Gw is a group assignment software from SiteBridge Japan. An arbitrary file upload vulnerability exists in SiteBridge Joruri Gw 3.2.0 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary PHP code...
Unrestricted file upload
Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors...
CVE-2018-0568
Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors...
CVE-2018-0568
Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors...
CVE-2018-0568
CVE-2018-0568 is an unrestricted file upload vulnerability in SiteBridge Joruri Gw (Ver 3.2.0 and earlier). A remote authenticated attacker can execute arbitrary PHP code via unspecified vectors due to CWE-434-like upload flaw. Affected: Joruri Gw 3.2.0 and earlier. Impact: potential remote code ...
CVE-2018-0568
Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors...
Joruri Gw vulnerable to arbitrary file upload
Overview Joruri Gw provided by SiteBridge Inc. is groupware which runs on Ruby on Rails. Joruri Gw contains a vulnerability that may allow an attacker to upload arbitrary files CWE-434. Shoji Baba of Kobe Digital Labo, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
JVN#95589314: Joruri Gw vulnerable to arbitrary file upload
Joruri Gw provided by SiteBridge Inc. is groupware which runs on Ruby on Rails. Joruri Gw contains a vulnerability that may allow an attacker to upload arbitrary files CWE-434. Impact A user may upload arbitrary files. When PHP code execution is enabled on the server, a user may execute arbitrary...