CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A SQL injection vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to submit specially crafted SQL queries or obtain database data...

7.5CVSS8.1AI score0.00413EPSS

Exploits0References1

CNVD•added 2015/11/01 12:0 a.m.•2 views

Techno Project Japan Enisys Gw Cross-Site Scripting Vulnerability

Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A cross-site scripting vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to inject malicious script or HTML code that, when viewed with malicious data,...

4.3CVSS6.2AI score0.00322EPSS

Exploits0References1

CNVD•added 2015/11/01 12:0 a.m.•2 views

Techno Project Japan Enisys Gw Arbitrary Code Execution Vulnerability

Techno Project Japan Enisys Gw is an open source groupware software from Techno Project Japan. A security vulnerability exists in Techno Project Japan Enisys Gw. The vulnerability allows remote attackers to write to arbitrary files and execute arbitrary code...

6.5CVSS7.5AI score0.01272EPSS

Exploits0References1

NVD•added 2015/10/29 11:59 a.m.•14 views

CVE-2015-5670

Cross-site scripting XSS vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.00322EPSS

Exploits0References3

NVD•added 2015/10/29 11:59 a.m.•8 views

CVE-2015-5668

SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS8.4AI score0.00413EPSS

Exploits0References3

Prion•added 2015/10/29 11:59 a.m.•16 views

Cross site scripting

Cross-site scripting XSS vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.00322EPSS

Exploits0References3Affected Software1

Prion•added 2015/10/29 11:59 a.m.•8 views

Design/Logic Flaw

Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to bypass intended access restrictions and read arbitrary uploaded files via unspecified vectors...

5CVSS7.3AI score0.00207EPSS

Exploits0References3Affected Software1

Prion•added 2015/10/29 11:59 a.m.•7 views

Sql injection

SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.00413EPSS

Exploits0References3Affected Software1

Cvelist•added 2015/10/29 10:0 a.m.•17 views

CVE-2015-5669

Techno Project Japan Enisys Gw before 1.4.1 allows remote authenticated users to write to arbitrary files and consequently execute arbitrary code via unspecified vectors...

7.3AI score0.01272EPSS

Exploits0References3

Cvelist•added 2015/10/29 10:0 a.m.•13 views

CVE-2015-5668

SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

8.4AI score0.00413EPSS

Exploits0References3

Cvelist•added 2015/10/29 10:0 a.m.•18 views

CVE-2015-5670

Cross-site scripting XSS vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.00322EPSS

Exploits0References3

CVE•added 2015/10/29 10:0 a.m.•42 views

CVE-2015-5668

The CVE-2015-5668 entry concerns Techno Project Japan Enisys Gw, an open-source groupware product. A SQL injection vulnerability (CWE-89) exists in Enisys Gw prior to 1.4.1, allowing remote, unauthenticated attackers to submit specially crafted SQL queries to obtain or alter data stored in the da...

7.5CVSS8.7AI score0.00413EPSS

Exploits0References3Affected Software1

CVE•added 2015/10/29 10:0 a.m.•43 views

CVE-2015-5670

CVE-2015-5670 affects Enisys Gw (Techno Project Japan Co.) prior to version 1.4.1, with an XSS vulnerability (CWE-79) that allows remote injection of arbitrary script/HTML via unspecified vectors. The JVN entries and NVD description confirm the issue and specify affected versions as 1.4.0 and ear...

4.3CVSS5.8AI score0.00322EPSS

Exploits0References3Affected Software1

CVE•added 2015/10/29 10:0 a.m.•35 views

CVE-2015-5671

CVE-2015-5671 concerns Techno Project Japan’s Enisys Gw open-source groupware. Affected: Enisys Gw 1.4.0 and earlier. Root cause: failure to restrict access permissions, allowing a remote unauthenticated attacker to read arbitrary files uploaded to the product via unspecified vectors. Impact, as ...

5CVSS7AI score0.00207EPSS

Exploits0References3Affected Software1

CVE•added 2015/10/29 10:0 a.m.•40 views

CVE-2015-5669

Enisys Gw (Techno Project Japan) is affected up to version 1.4.0; CVE-2015-5669 describes a vulnerability that allows a remote authenticated user to create arbitrary files, which can lead to arbitrary code execution on the server. The JVN entry specifies Enisys Gw 1.4.0 and earlier as affected, w...

6.5CVSS7.5AI score0.01272EPSS

Exploits0References3Affected Software1

Japan Vulnerability Notes•added 2015/10/29 4:46 a.m.•1 views

Enisys Gw vulnerable to cross-site scripting

Overview Enisys Gw provided by Techno Project Japan Co. is an open source groupware. Enisys Gw contains a cross-site scripting vulnerability CWE-79. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...

4.3CVSS6AI score0.00322EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by