Lucene search
K

10 matches found

Openbugbounty
Openbugbounty
added 2024/01/27 3:0 a.m.6 views

terada-kougyou.co.jp Improper Access Control vulnerability OBB-3844390

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2021/09/04 10:31 a.m.22 views

terada-ele.co.jp Cross Site Scripting vulnerability OBB-2132716

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0
Openbugbounty
Openbugbounty
added 2018/05/07 9:21 a.m.10 views

terada-ele.co.jp XSS vulnerability

Open Bug Bounty ID: OBB-613272 Description| Value ---|--- Affected Website:| terada-ele.co.jp Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
RedHat Linux
RedHat Linux
added 2017/05/08 6:45 a.m.70 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7.1AI score0.18756EPSS
Exploits24References31
RubySec
RubySec
added 2015/12/09 12:0 a.m.31 views

SMTP command injection

Net::SMTP is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF sequences immediately before and after a DATA substring. Applications that validate email address format are not affected by this vulnerability. The injection attack is...

6.1CVSS6.9AI score0.03675EPSS
Exploits1References1Affected Software1
FreeBSD
FreeBSD
added 2015/11/05 12:0 a.m.13 views

PHPmailer -- SMTP injection vulnerability

PHPMailer changelog reports: Fix vulnerability that allowed email addresses with line breaks valid in RFC5322 to pass to SMTP, permitting message injection at the SMTP level. Mitigated in both the address validator and in the lower-level SMTP class. Thanks to Takeshi Terada...

1.6AI score
Exploits0References1
exploitpack
exploitpack
added 2014/01/14 12:0 a.m.47 views

Apache Struts2 2.0.0 2.3.15 - Prefixed Parameters OGNL Injection

Apache Struts2 2.0.0 2.3.15 - Prefixed Parameters OGNL Injection CVE Number: CVE-2013-2251 Title: Struts2 Prefixed Parameters OGNL Injection Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was...

9.3CVSS0.4AI score0.99998EPSS
Exploits20
Packet Storm
Packet Storm
added 2013/08/13 12:0 a.m.34 views

CakePHP 2.3.7 / 2.2.8 Local File Inclusion

CVE Number: N/A not assigned Title: CakePHP AssetDispatcher Local File Inclusion Vulnerability Affected Software: Confirmed on CakePHP v2.3.7, v2.2.8 prior versions may also be affected Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.8 & 2.2.9 was released which...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2013/08/13 12:0 a.m.72 views

Struts2 2.3.15 Open Redirect

CVE Number: CVE-2013-2248 Title: Struts2 Prefixed Parameters Open Redirect Vulnerability Affected Software: Apache Struts v2.0.0 - 2.3.15 Credit: Takeshi Terada of Mitsui Bussan Secure Directions, Inc. Issue Status: v2.3.15.1 was released which fixes this vulnerability Issue ID by Vender: S2-017...

5.8CVSS8.9AI score0.94654EPSS
Exploits4
Packet Storm
Packet Storm
added 2013/01/08 12:0 a.m.53 views

Chrome For Android Download Function Information Disclosure

CVE Number: CVE-2012-4906 Title: Chrome for Android - Download Function Information Disclosure Affected Software: Confirmed on Chrome for Android v18.0.1025123 Credit: Takeshi Terada Issue Status: v18.0.1025308 was released which fixes this vulnerability Overview: Rogue Android apps can steal...

5CVSS6.5AI score0.03103EPSS
Exploits1
Rows per page
Query Builder