12 matches found
EUVD-2016-8693
Malware in sbrugna...
EUVD-2016-8694
Malware in sbrugna...
Design/Logic Flaw
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload arbitrary files as a user profile image, which may be exploited for unauthorized file sharing...
CVE-2016-7845
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload arbitrary files as a user profile image, which may be exploited for unauthorized file sharing...
CVE-2016-7845
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to upload arbitrary files as a user profile image, which may be exploited for unauthorized file sharing...
CVE-2016-7844
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template...
CVE-2016-7844
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template...
CVE-2016-7844
CVE-2016-7844 is linked to GigaCC OFFICE, with affected versions up to 2.3 and earlier. The connected JVN entry (J VNDB-2017-001053) identifies the root cause as a misconfiguration of the Apache Velocity template engine used for sending emails. This misconfiguration can allow a remote attacker to...
CVE-2016-7845
CVE-2016-7845 affects GigaCC OFFICE (ver. 2.3 and earlier). The vulnerability allows remote attackers to upload arbitrary files as a user profile image, enabling potential unauthorized file sharing. The JVN/JVNDB entry and JVNDB-2017-001054 description corroborate an arbitrary file upload via the...
CVE-2016-7844
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via specially crafted mail template...
Arbitrary file upload vulnerability in GigaCC OFFICE
Overview GigaCC OFFICE provided by WAM!NET Japan K.K. contains a vulnerability where arbitrary files may be uploaded. WAM!NET Japan K.K. and the following people reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and WAM!NET Japan K.K. coordinated...
Mis-configuration of Apache Velocity template engine used to send emails in GigaCC OFFICE
Overview GigaCC OFFICE provided by WAM!NET Japan K.K. contains mis-configuration of Apache Velocity template engine which is used to send emails. WAM!NET Japan K.K. and the following people reported these vulnerabilities to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and...