EUVD-2016-8666

Malware in sbrugna...

EUVD-2018-1514

Malware in sbrugna...

JVN#93064451: Multiple SHARP Android devices vulnerable to information disclosure

Multiple SHARP Android devices contain an information disclosure vulnerability CWE-200. Impact Sensitive information of the device may be obtained by the other android application installed in the device. Solution Update the Firmware Update the firmware to the latest version according to the...

keitai-site.net mailform cross-site scripting vulnerability

keitai-site.net mailform is a mail form plugin written in PHP. A cross-site scripting vulnerability exists in keitai-site.net mailform version 1.04. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

keitai-site.net mailform code injection vulnerability

keitai-site.net mailform is a mail form plugin written in PHP. A code injection vulnerability exists in keitai-site.net mailform version 1.04. A remote attacker can exploit this vulnerability to execute arbitrary PHP code...

JVN#77634892: mailform vulnerable to PHP code execution

mailform provided by keitai-site.net is a PHP script providing a mail form function to a website. mailform contains a PHP code execution vulnerability CWE-94 on the server where the product is running. Impact Arbitrary PHP code may be executed on the server where the product is running. Solution...

CVE-2018-0704

Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen...

CVE-2018-0704

Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen...

Directory traversal

Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen...

CVE-2018-0704

CVE-2018-0704 affects Cybozu Office 10.0.0–10.8.1. It is a directory traversal vulnerability (CWE-22) in processing HTTP parameters, exploitable via Keitai Screen to delete arbitrary files on the server. Affected versions: Cybozu Office 10.0.0 to 10.8.1. Root cause: improper validation/handling o...

CVE-2018-0704

Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen...

CVE-2016-7817

Cross-site scripting vulnerability in Simple keitai chat 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-7817

Cross-site scripting vulnerability in Simple keitai chat 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting vulnerability in Simple keitai chat 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2016-4906

Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai...

CVE-2016-7817

CVE-2016-7817 is a cross-site scripting vulnerability in the Simple keitai chat PHP application (2.0 and earlier) attributed to CWE-79. The vulnerability allows an attacker to induce the execution of arbitrary script or HTML in a victim’s browser, with the JVN/JVNDB entries describing both reflec...

CVE-2016-7817

Cross-site scripting vulnerability in Simple keitai chat 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Keitai Kit for Movable Type vulnerable to OS command injection

Overview Keitai Kit for Movable Type contains an OS command injection vulnerability. Keitai Kit for Movable Type provided by ideaman's Inc. contains an OS command injection vulnerability CWE-78. CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection'...

JVN#05493467: Simple keitai chat vulnerable to cross-site scripting

Simple keitai chat provided by LEMON-S PHP contains reflected and stored cross-site scripting vulnerabilities CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Simple keitai chat Simple keitai chat is no longer being developed or maintained. It is...

Keitai Kit for Movable Type Operating System Command Injection Vulnerability

Six Apart Movable Type MT is a blogging system. keitai Kit is a security check plugin used in it. Keitai Kit for Movable Type is vulnerable, which can be exploited by remote attackers to execute arbitrary OS commands upon submission of a special request...