EUVD-2015-0898

Malware in sbrugna...

KENT-WEB Joyful Note Arbitrary Code Execution Vulnerability

KENT-WEB Joyful Note is a suite of message board applications from the Japanese company KENT-WEB. A security vulnerability exists in KENT-WEB Joyful Note versions prior to 5.3. A remote attacker can exploit the vulnerability to delete or write arbitrary files and execute arbitrary code...

CVE-2015-0889

KENT-WEB Joyful Note is affected by a vulnerability in how it handles uploaded files, allowing remote attackers to create or delete arbitrary files and, consequently, execute arbitrary code. The flaw exists in Joyful Note versions prior to a released fix (reported as affected up to 5.3 in CVE con...

CVE-2015-0889

KENT-WEB Joyful Note before 5.3 allows remote attackers to delete files or write to files, and consequently execute arbitrary code, via vectors involving an article...

Joyful Note vulnerability in handling files

Overview Joyful Note from KENT-WEB is a bulletin board software that allows users to upload binary files such as image files. Joyful Note contains a vulnerability in handling files. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

JVN#88862608: Joyful Note vulnerability in handling files

Joyful Note from KENT-WEB is a bulletin board software that allows users to upload binary files such as image files. Joyful Note contains a vulnerability in handling files. Impact A remote attacker may create arbitrary files or delete existing files on the server. As a result, arbitrary code may ...

CVE-2014-0812

Cross-site scripting XSS vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2014-0812

Joyful Note (KENT-WEB) is affected by a cross-site scripting (XSS) vulnerability in Joyful Note version 2.8 and earlier. The issue enables arbitrary script execution in the victim’s browser (via unspecified vectors) when using affected software. Root cause details in connected JVN records indicat...

CVE-2014-0812

Cross-site scripting XSS vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Joyful Note vulnerable to cross-site scripting

Overview Joyful Note from KENT-WEB is a bulletin board software that a user can upload a binary file such as an image file. Joyful Note contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an update Update to the lates...

JVN#30718178: Joyful Note vulnerable to cross-site scripting

Joyful Note from KENT-WEB is a bulletin board software that a user can upload a binary file such as an image file. Joyful Note contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an update Update to the latest version...