EUVD-2015-3072

Malware in sbrugna...

EUVD-2015-3053

Malware in sbrugna...

EUVD-2015-3052

Malware in sbrugna...

JVN#05493467: Simple keitai chat vulnerable to cross-site scripting

Simple keitai chat provided by LEMON-S PHP contains reflected and stored cross-site scripting vulnerabilities CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Simple keitai chat Simple keitai chat is no longer being developed or maintained. It is...

CVE-2015-2989

Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter...

JVN#77193915: Twit BBS vulnerable to cross-site scripting

Twit BBS provided by LEMON-S PHP contains a persistent cross-site scripting CWE-79 vulnerability due to the processing of imagetitle parameter in index.php. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Twit BBS Twit BBS is no longer being developed or...

CVE-2015-2974

LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file...

JVN#86680970: Gazou BBS plus vulnerability in file upload processing

Gazou BBS plus provided by LEMON-S PHP contains a vulnerability in the processing of file uploads. Impact An image file may be specially crafted to upload arbitrary HTML files. Solution Apply an Update Apply the update according to the information provided by the provider. Products Affected Gazou...

LEMON-S PHP Simple Oekaki BBS Cross-Site Scripting Vulnerability

LEMON-S PHP Simple Oekaki BBS is a PHP-based electronic bulletin board BBS script. A cross-site scripting vulnerability exists in the index.php script in LEMON-S PHP Simple Oekaki BBS versions prior to 1.21. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

CVE-2015-2969

Cross-site scripting XSS vulnerability in index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to inject arbitrary web script or HTML via the oekakis parameter...

CVE-2015-2969

CVE-2015-2969 corresponds to a persistent XSS in LEMON-S PHP Simple Oekaki BBS before version 1.21. The vulnerability is triggered in index.php through the oekakis parameter, allowing remote attackers to inject arbitrary scripts/HTML. Affected software: Simple Oekaki BBS ≤ v1.20 (prior to 1.21). ...

CVE-2015-2970

index.php in LEMON-S PHP Simple Oekaki BBS before 1.21 allows remote attackers to delete arbitrary files via the oekakis parameter...

JVN#61935381: Simple Oekaki BBS vulnerability where arbitary files may be deleted

Simple Oekaki BBS provided by LEMON-S PHP contains a flaw in parsing the oekakis parameter in index.php, which may allow a remote attacker to delete arbitrary files. Impact A remote attacker may delete arbitrary files on the server. Solution Update the Software Update to the latest version...