CVE-2020-21142

Cross Site Scripting XSS vulnerabilty in IPFire 2.23 via the IPfire web UI in the mail.cgi...

CVE-2023-39933

Insufficient verification vulnerability exists in Broadcast Mail CGI pmc.exe included in A.K.I Software's PMailServer/PMailServer2 products. If this vulnerability is exploited, a user who can upload files through the product may execute an arbitrary executable file with the web server's execution...

Multiple vulnerabilities in CGIs of PMailServer and PMailServer2

Overview CGIs included with PMailServer and PMailServer2 provided by A.K.I Software contain multiple vulnerabilities listed below. Stored cross-site scripting vulnerability CWE-79 - CVE-2023-39223 Insufficient verification vulnerability in Broadcast Mail CGI pmc.exe CWE-434 - CVE-2023-39933...

MP Form Mail CGI eCommerce Edition vulnerable to OS command injection

Overview MP Form Mail CGI eCommerce Edition provided by futomi Co., Ltd. is a CGI used to send mail from a web form. MP Form Mail CGI eCommerce Edition contains an OS command injection vulnerability CWE-78. Daiki Ichinose of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA...

CVE-2016-1212

Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors...

CVE-2016-1212

CVE-2016-1212 affects Futomi MP Form Mail CGI Professional Edition up to version 3.2.3, exposing a directory traversal vulnerability (CWE-22). The flaw allows remote authenticated administrators to read arbitrary files on the server via unspecified vectors. Public records from NVD/JVN describe th...

MP Form Mail CGI Professional Edition vulnerable to directory traversal

Overview MP Form Mail CGI Professional Edition provided by futomi Co., Ltd. contains a directory traversal vulnerability CWE-22. Yuuta Watanabe of STNet, Incorporated reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

Futomi CGI Cafe MP Form Mail CGI eCommerce Arbitrary Code Execution Vulnerability

Futomi CGI Cafe MP Form Mail CGI eCommerce on Windows is a Windows-based CGI for sending emails from Web forms by Futomi Japan. A security vulnerability exists in Futomi CGI Cafe MP Form Mail CGI eCommerce on Windows platform prior to version 2.0.12. A remote attacker can exploit the vulnerabilit...

CVE-2015-0898

futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows allows remote attackers to execute arbitrary Perl code via unspecified vectors...

Design/Logic Flaw

Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI eCommerce 1.3.0 and earlier, and CGI Professional 3.2.2 and earlier, allows remote attackers to gain administrative privileges via unknown attack vectors...

MP Form Mail CGI vulnerability allows third party to gain administrative privileges

Overview MP Form Mail CGI from futomi's CGI Cafe contains a vulnerability that allows an attacker to gain administrative privileges. MP Form Mail CGI from futomi's CGI Cafe is a software for sending contents entered into an HTML form via email. MP Form Mail CGI contains a vulnerability that allow...

CVE-2003-0057

Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code 1 via a long attachment filename that is not properly handled by the hypermail executable, or 2 by connecting to the mail CGI program from an IP address...