19 matches found
EUVD-2015-0877
Malware in sbrugna...
EUVD-2015-0893
Malware in sbrugna...
JVN#21177718: Real-time Bus Tracking System vulnerable to improper validation of specified quantity in input
Real-time Bus Tracking System provided by SYNCK GRAPHICA contains the following vulnerability. Improper validation of specified quantity in input CWE-1284 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Base Score 5.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Base Score 4.3...
SYNCK GRAPHICA Mailform Pro CGI 安全漏洞
SYNCK GRAPHICA Mailform Pro CGI is a mail form from SYNCK GRAPHICA Japan. It can be used as a multiple transmission, questionnaire form, and application form. A security vulnerability exists in SYNCK GRAPHICA Mailform Pro CGI versions prior to 4.3.4, which originates from an error message...
SYNCK GRAPHICA Mailform Pro CGI 安全漏洞
SYNCK GRAPHICA Mailform Pro CGI is a mail form from SYNCK GRAPHICA Japan. It can be used as a multiple transmission, questionnaire form, and application form. A security vulnerability exists in SYNCK GRAPHICA Mailform Pro CGI version 4.3.1.3 and earlier, which stems from the presence of a Regular...
JVN#70502982: SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS)
Mailform Pro CGI provided by SYNCK GRAPHICA contains a Regular expression Denial-of-Service ReDoS vulnerability CWE-1333. Impact A remote attacker may be able to cause a denial-of-service DoS. Solution Update the Software Update the software to the latest version according to the information...
JVN#34205166: SYNCK GRAPHICA Mailform Pro CGI vulnerable to information disclosure
Mailform Pro CGI provided by SYNCK GRAPHICA contains an information disclosure vulnerability CWE-200. Thanks module of this product saves user input data for a certain period of time. The time is set to 30 seconds by default in configs/thanks.cgi file. To exploit this vulnerability, it is require...
SYNCK GRAPHICA Mailform Pro CGI 信息泄露漏洞
SYNCK GRAPHICA Mailform Pro CGI is a mail form from SYNCK GRAPHICA Japan. It can be used as a multiple transmission, questionnaire form, and application form. A security vulnerability exists in SYNCK GRAPHICA Mailform Pro CGI prior to version 4.3.1, which stems from the Thanks module saving user...
Code injection
SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote attackers to execute arbitrary code via unspecified vectors...
CVE-2015-0883
SYNCK GRAPHICA Mailform Pro CGI (4.1.4–4.1.5) is vulnerable when the MailAuth module is enabled. A flaw in the email sending process allows remote attackers to execute arbitrary code on the server. Affected component: Mailform Pro CGI’s mail sending path (MailAuth-enabled). Impact: remote arbitra...
CVE-2015-0883
SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not properly send e-mail messages, which allows remote attackers to execute arbitrary code via unspecified vectors...
JVN#30135729: SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution
Mailform Pro CGI provided by SYNCK GRAPHICA contains a flaw in the process of sending emails, which may result in an arbitrary code execution. Impact Arbitrary code may be executed on the server. Solution Update the Software Update to the latest version according to the information provided by th...
SYNCK GRAPHICA Download Log CGI Directory Traversal Vulnerability
A directory traversal vulnerability in the SYNCK GRAPHICA Download Log CGI allows remote attackers to overwrite arbitrary files in an application context using a directory traversal sequence with a specially crafted request '... /' to overwrite arbitrary files in the context of an application...
CVE-2015-0867
Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI 3.0 and earlier allows remote attackers to read arbitrary files via a crafted filename...
Directory traversal
Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI 3.0 and earlier allows remote attackers to read arbitrary files via a crafted filename...
CVE-2015-0867
CVE-2015-0867 is a directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI, affecting version 3.0 and earlier. The flaw allows remote attackers to read arbitrary files by supplying a crafted filename. Public disclosures in JVN/NVD indicate root cause in the Download Log CGI’s file-na...
CVE-2015-0867
Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI 3.0 and earlier allows remote attackers to read arbitrary files via a crafted filename...
SYNCK GRAPHICA Download Log CGI vulnerable to directory traversal
Overview Download Log CGI provided by SYNCK GRAPHICA contains an issue in processing file names, which may result in a directory traversal vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...
JVN#88559134: SYNCK GRAPHICA Download Log CGI vulnerable to directory traversal
Download Log CGI provided by SYNCK GRAPHICA contains an issue in processing file names, which may result in a directory traversal vulnerability. Impact A remote attacker may obtain arbitrary files on the server. Solution Update the Software Update to the latest version according to the informatio...