EUVD-2016-2313

Malware in sbrugna...

EUVD-2015-0907

Malware in sbrugna...

CVE-2018-0514

MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors...

CVE-2018-0514

MP Form Mail CGI eCommerce Edition (futomi Co., Ltd.) is vulnerable to OS command injection (CWE-78). Affected: Ver 2.0.13 and earlier. Impact: remote attacker may execute arbitrary OS commands. Root cause: OS command injection in the CGI that handles web form mail. Remediation: update to the lat...

CVE-2016-1212

Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors...

CVE-2016-1212

CVE-2016-1212 affects Futomi MP Form Mail CGI Professional Edition up to version 3.2.3, exposing a directory traversal vulnerability (CWE-22). The flaw allows remote authenticated administrators to read arbitrary files on the server via unspecified vectors. Public records from NVD/JVN describe th...

CVE-2016-1212

Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors...

CVE-2015-0898

The CVE concerns Futomi CGI Cafe MP Form Mail CGI eCommerce edition running on Windows. The vulnerability allows a remote attacker to execute arbitrary Perl code due to an injection flaw in the CGI eCommerce implementation, affecting version 2.0.11 and earlier. The impact is remote code execution...

MP Form Mail CGI eCommerce edition vulnerable to code injection

Overview MP Form Mail CGI eCommerce edition provided by futomi Co., Ltd. is a CGI used to send mail from a web form. MP Form Mail CGI eCommerce edition contains a code injection vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...