EUVD-2014-5961

Malware in sbrugna...

dopvCOMET* vulnerable to cross-site scripting

Overview dopvCOMET provided by bayashi.net is a software to analyze web access logs. dopvCOMET contains a cross-site scripting vulnerability. Masahiro YAMADA reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

JVN#36339873: dopvSTAR* vulnerable to cross-site scripting

dopvSTAR provided by bayashi.net is a software to analyze web access logs. dopvSTAR contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Modify the JavaScript Modify the JavaScript that enables to log accesses, according to...

JVN#23563149: KENT-WEB ACCESS REPORT vulnerable to cross-site scripting

ACCESS REPORT provided by KENT-WEB is a software to analyze web access logs. ACCESS REPORT contains a cross-site scripting vulnerability. This is caused by a particular method in which tags are embedded into the web page. Note that this vulnerability is different from JVN68830017. Impact An...

JVN#82744714 Cross-site scripting vulnerability in apricot.php from LovPop.net

apricot.php from LovPop.net is a software to analyze web access logs. apricot.php contains a cross-site scripting vulnerability. Note that future releases and maintenance of apricot.php ended on March 19, 2009. Users who wish to analyze access logs are recommended to use a different product that...

JVN#23558374 Cross-site scripting vulnerability in Access Analyzer CGI Standard Version (Ver. 3.x)

Access Analyzer CGI Standard Version provided by futomi's CGI Cafe is a software to analyze web access logs. Access Analyzer CGI Standard Version Ver. 3.x contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the...