10 matches found
EUVD-2015-3404
Malware in sbrugna...
JVN#17522792: yoyaku_v41 vulnerable to OS command injection
yoyakuv41 provided by Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains an OS command injection vulnerability CWE-78. Impact An arbitrary OS command may be executed with the privileges of the web server on the server where yoyakuv41 is running. Solution Do no...
CVE-2015-3359
Multiple cross-site scripting XSS vulnerabilities in the Room Reservations module before 7.x-1.1 for Drupal allow remote authenticated users with the "Administer the room reservations system" permission to inject arbitrary web script or HTML via the 1 node title of a "Room Reservations Category" ...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Room Reservations module before 7.x-1.1 for Drupal allow remote authenticated users with the "Administer the room reservations system" permission to inject arbitrary web script or HTML via the 1 node title of a "Room Reservations Category" ...
CVE-2015-3359
Summary: CVE-2015-3359 concerns multiple XSS vulnerabilities in the Drupal Room Reservations module (7.x-1.x) prior to 7.x-1.1. Affected component: Room Reservations module for Drupal 7.x. Root cause: module fails to sufficiently sanitize input in the node title of Room Reservations Category and ...
CVE-2015-3359
Multiple cross-site scripting XSS vulnerabilities in the Room Reservations module before 7.x-1.1 for Drupal allow remote authenticated users with the "Administer the room reservations system" permission to inject arbitrary web script or HTML via the 1 node title of a "Room Reservations Category" ...
Multiple Cross-Site Scripting Vulnerabilities in Drupal Room Reservations Module
Drupal is a free and open source content management system developed in PHP. Multiple cross-site scripting vulnerabilities exist in the Drupal Room Reservations module because it fails to properly filter user-supplied input. An attacker could use these vulnerabilities to execute arbitrary script...
JVN#05857667 Webservice-DIC yoyaku_v41 vulnerable to command injection
yoyakuv41 from Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains a command injection vulnerability. This vulnerability is different from JVN80436657. Impact An arbitrary command could be executed with the privilege of the server where yoyakuv41 runs. Solution...
JVN#80436657 Webservice-DIC yoyaku_v41 vulnerable to command injection
yoyakuv41 from Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains a command injection vulnerability. Impact An arbitrary command could be executed with the privilege of the server where yoyakuv41 runs. Solution Update the Software Update to the latest version...
JVN#57036470 Cross-site scripting vulnerability in leger (free edition)
leger free edition from 'AD2000' is a software to manage conference room reservations. leger free edition contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...