Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2022/05/10 12:0 a.m.•38 views

JVN#60801132: GENEREX RCCMD vulnerable to directory traversal

RCCMD provided by GENEREX SYSTEMS Computervertriebsgesellschaft mbH contains a directory traversal vulnerability CWE-22. Impact Arbitrary files on the server may be viewed or altered by an attacker. Solution Update the software Update the software to the latest version according to the informatio...

6.5CVSS6.4AI score0.01445EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2022/05/09 12:0 a.m.•38 views

JVN#50337155: KOYO Electronics Screen Creator Advance2 vulnerable to authentication bypass

Screen Creator Advance2 provided by KOYO ELECTRONICS INDUSTRIES CO., LTD. is a screen development tool for KOYO ELECTRONICS's HMI. Screen Creator Advance2 contains an authentication bypass vulnerability CWE-807 due to the improper check for the Remote control setting's account names. Impact An...

7CVSS7.2AI score0.00209EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2022/01/13 12:0 a.m.•38 views

JVN#81479705: Label printers "TEPRA" PRO SR5900P / SR-R7900P vulnerable to insufficiently protected credentials

Label printers "TEPRA" PRO SR5900P / SR-R7900P provided by KING JIM CO.,LTD. contain an insufficiently protected credentials vulnerability CWE-522. Impact An attacker who can access the products via network may obtain credentials to connect to the Wi-Fi access point with the infrastructure mode...

4.3CVSS4.4AI score0.00342EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2021/12/22 12:0 a.m.•38 views

JVN#66422035: Android Apps developed using Yappli fails to restrict custom URL schemes properly

Yappli provided by Yappli, Inc. is an application development platform. Android Apps that are developed with Yappli provide the function to access a requested URL using Custom URL Scheme. The access to the function is not restricted properly CWE-939 which may be exploited to direct the App to...

8.1CVSS7.8AI score0.00842EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2021/06/30 12:0 a.m.•38 views

JVN#15185184: IkaIka RSS Reader vulnerable to cross-site scripting

IkaIka RSS Reader contains a cross-site scripting vulnerability CWE-79, due to the improper processing of RSS registration. Impact If a malicious RSS feed is loaded into the product, an arbitrary script may be executed on the web browser where the product is running. Solution Do not use IkaIka RS...

6.1CVSS6.1AI score0.00788EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2018/05/28 12:0 a.m.•38 views

JVN#16471686: WordPress plugin "Email Subscribers & Newsletters" vulnerable to cross-site scripting

The WordPress plugin "Email Subscribers & Newsletters" provided by Icegram contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged in user's web browser. Solution Update the plugin Update the plugin according to the information provid...

6.1CVSS6AI score0.01224EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/28 12:0 a.m.•38 views

JVN#21174546: Marp vulnerable to improper access control in JavaScript execution

Marp is a tool to create a presentation PDF with Markdown. Marp executes JavaScript inside the Markdown contents. Marp allows JavaScript to access local resources and files CWE-284. Impact When reading specially crafted Markdown contents, local files may be accessed and leaked to an external...

6.8CVSS5.1AI score0.00519EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/06 12:0 a.m.•38 views

JVN#32120290: Hands-on Vulnerability Learning Tool "AppGoat" vulnerable to information disclosure

AppGoat provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA is a hands-on vulnerability learning tool. Hands-on Vulnerability Learning Tool "AppGoat" for Web Application contains an information disclosure vulnerability. Impact When accessing a specially crafted URL, a local file...

4.3CVSS4.3AI score0.0114EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/06/05 12:0 a.m.•38 views

JVN#24087303: Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment may insecurely load Dynamic Link Libraries

Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact Arbitrary code may be executed with the privileges of the running application. Solution Use the latest...

7.8CVSS7.8AI score0.01093EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2017/05/16 12:0 a.m.•38 views

JVN#70411623: WordPress plugin "MaxButtons" vulnerable to cross-site scripting

The WordPress plugin "MaxButtons" provided by Max Foundry contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the logged in user's web browser. Solution Update the plugin Update the plugin according to the information provided by the developer...

6.1CVSS6AI score0.01379EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/10/07 12:0 a.m.•38 views

JVN#32504719: Usermin cross-site scripting vulnerabilities

Usermin is a web-based interface used to manage webmail. Usermin contains reflected cross-site scripting vulnerabilities in /filter/saveforward.cgi, /filter/save.cgi and /man/search.cgi. Impact An arbitrary script may be executed on a logged in user's web browser. Solution Update the software...

6.1CVSS6.3AI score0.01114EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/09/16 12:0 a.m.•38 views

JVN#74244518: Splunk Enterprise and Splunk Light vulnerable to cross-site scripting

Splunk Enterprise and Splunk Light contain a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer. Products Affected Splunk...

4.8CVSS5.2AI score0.00631EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/09/06 12:0 a.m.•38 views

JVN#48237713: ADOdb vulnerable to cross-site scripting

ADOdb is a database abstraction layer for PHP. The library's test script test.php contains a cross-site scripting CWE-79 vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...

6.1CVSS6.2AI score0.01946EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/07/15 12:0 a.m.•38 views

JVN#68364327: WAONサービスアプリ App for Android fails to verify SSL server certificates

WAONサービスアプリ App for Android provided by AEON CO., LTD. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the information provided by...

5.9CVSS5.5AI score0.00898EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/05/30 12:0 a.m.•38 views

JVN#14749391: Multiple directory traversal vulnerabilities in Cybozu Garoon

Cybozu Garoon is a groupware. Cybozu Garoon contains following multiple directory traversal vulnerabilities. Directory traversal in the function "Files" - CVE-2016-1191 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N| Base Score: 5.3 CVSS v2|...

5.3CVSS5.3AI score0.01912EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/05/30 12:0 a.m.•38 views

JVN#40898764: DMM.com Securities FX Apps for Android fail to verify SSL server certificates

Multiple Android Applications provided by DMM.com Securities Co.,Ltd. fail to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the informati...

5.9CVSS5.5AI score0.00928EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/05/27 12:0 a.m.•38 views

JVN#46888319: Japan Connected-free Wi-Fi vulnerable to API execution

Japan Connected-free Wi-Fi provided by NTT Broadband Platform, Inc. contains a vulnerability which allows an arbitrary API to be executed by a man-in-the-middle attacker. Impact Android version of this app may allow an arbitrary API to be executed if permissions to execute that API are granted in...

5.6CVSS5.3AI score0.00782EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/05/26 12:0 a.m.•38 views

JVN#00460236: NetCommons vulnerable to privilege escalation

NetCommons provided by the NetCommons Project contains a privilege escalation vulnerability. Impact A user with secretariat privileges "CLERK" may create a user with system administrator privileges "SYSTEMADMIN". Solution Update the Software Update the software according to the information provid...

9CVSS8.8AI score0.01889EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2016/05/13 12:0 a.m.•38 views

JVN#91638315: FileMaker server issue where PHP source code may be viewable

FileMaker server contains an issue where PHP source code may be viewable when Custom Web Publishing with PHP is enabled. Impact PHP source code may be viewable. Solution Apply an Update Update to the latest version according to the information provided by the developer. Products Affected FileMake...

7.5CVSS7.6AI score0.01324EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/11/05 12:0 a.m.•38 views

JVN#80144272: Multiple TYPE-MOON games vulnerable to OS command injection

Multiple games provided by TYPE-MOON contain an OS command injection vulnerability CWE-78 due to an issue in loading save data. Impact When specially crafted save data is loaded, an arbitrary OS command may be executed. Solution Apply a Workaround The following workaround can mitigate the affects...

10CVSS6.9AI score0.0372EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/10/07 12:0 a.m.•39 views

JVN#21025396: Multiple PHP code execution vulnerabilitles in Cybozu Garoon

Cybozu Garoon is a groupware. Cybozu Garoon contains multiple PHP code execution vulnerabilities. CyVDB-863 Cybozu Garoon allows remote authenticated users to execute arbitrary PHP code, CyVDB-867 Cybozu Garoon allows remote authenticated users to execute arbitrary PHP code CVE-2015-5646 CyVDB-86...

8.5CVSS7.1AI score0.0169EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/07/29 12:0 a.m.•38 views

JVN#52248864: yoyaku_v41 vulnerable to authentication bypass

yoyakuv41 provided by Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains an authentication bypass vulnerability CWE-592. Impact A remote attacker could bypass yoyakuv41's authentication, and make an unintentional reservation. Solution Do not use yoyakuv41...

5CVSS6.9AI score0.01277EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/07/28 12:0 a.m.•38 views

JVN#86680970: Gazou BBS plus vulnerability in file upload processing

Gazou BBS plus provided by LEMON-S PHP contains a vulnerability in the processing of file uploads. Impact An image file may be specially crafted to upload arbitrary HTML files. Solution Apply an Update Apply the update according to the information provided by the provider. Products Affected Gazou...

5CVSS6.3AI score0.01344EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/07/10 12:0 a.m.•38 views

JVN#61935381: Simple Oekaki BBS vulnerability where arbitary files may be deleted

Simple Oekaki BBS provided by LEMON-S PHP contains a flaw in parsing the oekakis parameter in index.php, which may allow a remote attacker to delete arbitrary files. Impact A remote attacker may delete arbitrary files on the server. Solution Update the Software Update to the latest version...

6.4CVSS6.4AI score0.01643EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/04/23 12:0 a.m.•38 views

JVN#26860747: TransmitMail vulnerable to cross-site scripting

TransmitMail is a PHP based mail form. TransmitMail contains a cross-site scripting CWE-79 vulnerability due to the processing of file names. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the informatio...

4.3CVSS6AI score0.01122EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/12/09 12:0 a.m.•38 views

JVN#16406395: "File Upload BBS" of i-HTTPD vulnerable to remote command execution

i-HTTPD is a web server for Windows, implementing Server Side Includes SSI. i-HTTPD contains "File Upload BBS". When "File Upload BBS" is activated, a user can upload files on the server, and i-HTTPD processes SSI directives in the uploaded files CWE-97. Impact An arbitrary command may be execute...

7.5CVSS6.8AI score0.02103EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/12/03 12:0 a.m.•38 views

JVN#70490316: DBD::PgPP vulnerable to SQL injection

DBD::PgPP is a pure-Perl client interface for the PostgreSQL database. DBD::PgPP contains a SQL injection vulnerability. Impact If DBD::PgPP is used in a program, a remote attacker may execute an arbitrary SQL command. Solution Update the software Update to the latest version according to the...

9.8CVSS9.8AI score0.01559EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/08/19 12:0 a.m.•38 views

JVN#20812625: Advance-Flow vulnerable to SQL injection

Advance-Flow provided by OSK Co., LTD contains an issue in processing input data, which may result in SQL injection. Impact A user may obtain or alter information on the database. Solution Do not use Advance-Flow The developer has stated that the support of Advance-Flow has been discontinued thus...

7.5CVSS6.8AI score0.01164EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/07/15 12:0 a.m.•38 views

JVN#80583739: Cybozu Garoon vulnerable to cross-site scritping

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in the function "Notices portlet", which may result in a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of a user that is logged on. Solution Update the...

3.5CVSS5.8AI score0.00936EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/04/30 12:0 a.m.•38 views

JVN#90519014: Cybozu Garoon Phone Messages vulnerable to denial-of-service (DoS)

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains a denial-of-service DoS vulnerability in the Phone Messages function. Impact Processing input from a user who can log in to the system may cause denial-of-service DoS condition on the server by consuming high system...

3.5CVSS6.1AI score0.01055EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/03 12:0 a.m.•38 views

JVN#87729477: Cybozu Garoon vulnerable to session fixation

Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a session fixation vulnerability. Impact A remote, unauthenticated attacker may impersonate a registered user. As a result, information may be disclosed or altered. Solution Update the Software Update to the latest versi...

6.8CVSS6.3AI score0.01309EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/07/17 12:0 a.m.•38 views

JVN#68663052: Oracle Outside In vulnerable to denial-of-service (DoS)

Oracle Outside In is a library to decode over 500 file types. Oracle Outside In contains a denial-of-service DoS vulnerability. Impact When Oracle Outside In processes a specially crafted Hangul Word Processor file, the process may hang. Solution Apply an update Update to the latest version...

6.8CVSS5.7AI score0.01732EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/18 12:0 a.m.•38 views

JVN#65923092: VxWorks WebCLI vulnerable to denial-of-service (DoS)

The VxWorks WebCLI contains a denial-of-service DoS vulnerability due to an issue in parsing command strings. Impact An attacker that can login to a CLI session may cause the current CLI session to crash. Solution Apply a patch Apply the appropriate patch according to the information provided by...

4CVSS6.1AI score0.01878EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/14 12:0 a.m.•38 views

JVN#09223079: imgboard vulnerable to cross-site scripting

imgboard provided by imgboard.com CGI Download Center formerly 1998 t-club CGI Download Center is a bulletin board software that supports posting picture files. imgboard contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution...

4.3CVSS5.9AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/10/05 12:0 a.m.•39 views

JVN#58160713: MyWebSearch vulnerable to cross-site scripting

MyWebSearch is a CGI script for searching within a website. MyWebSearch contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the...

4.3CVSS6AI score0.01161EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/31 12:0 a.m.•38 views

JVN#77393797: Cybozu Live for Android vulnerable in the WebView class

Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains a vulnerability in the WebView class. Impact When there is a malicious file in the user's Android device, clicking a file:// hyperlink may lead to the malicious file being opened and information managed...

6.8CVSS6AI score0.01999EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 12:0 a.m.•38 views

JVN#58102473: WEB PATIO vulnerable to cross-site scripting

WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling cookies, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...

4.3CVSS6.3AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/24 12:0 a.m.•38 views

JVN#95378720: Multiple JustSystems products may insecurely load dynamic libraries

Multiple JustSystems products contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact Arbitrary code may be executed with the privileges of the running application. Solution Update the software Apply the appropriate update according to the...

6.9CVSS6.5AI score0.00405EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/24 12:0 a.m.•38 views

JVN#09619876: Multiple JustSystems products vulnerable to buffer overflow

Multiple products provided by JustSystems Corporation contain a buffer overflow vulnerability due to improper handling of image files. Impact If this vulnerability is exploited, a system may be crashed or arbitrary code may be executed. Solution Update the Software Apply the appropriate update...

9.3CVSS7.2AI score0.04227EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/13 12:0 a.m.•38 views

JVN#33283707: ActiveScriptRuby vulnerable to arbitrary Ruby script execution

ActiveScriptRuby is a software to implement Ruby into a Windows environment. ActiveScriptRuby contains a vulnerability where an arbitrary Ruby script may be executed on the web browser that can execute ActiveX controls when HTML is displayed. Impact A remote attacker may be able to obtain...

7.5CVSS6.5AI score0.01688EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/09 12:0 a.m.•38 views

JVN#56653852: SquirrelMail plugin Autocomplete vulnerable to cross-site scripting

The Autocomplete plugin in SquirrelMail searches for registered email addresses in user contacts as the user types into specific fields. The Autocomplete plugin contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the...

4.3CVSS5.9AI score0.01443EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/02/10 12:0 a.m.•38 views

JVN#79099262: Apache Struts 2 vulnerable to an arbitrary Java method execution

Apache Struts 2 is a framework to create Java web applications. Apache Struts 2 contains an arbitrary Java method execution vulnerability due to improper conversion in OGNL expression if a non-string property is contained in action. Impact If a remote attacker sends a malformed request parameter ...

10CVSS9.5AI score0.1388EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/08/16 12:0 a.m.•38 views

JVN#72854072: Aipo vulnerable to cross-site request forgery

Aipo from Aimluck, Inc. is groupware including functions such as scheduler and intra-office blogging. Aipo contains a cross-site request forgery vulnerability. Impact If an administrative user views a malicious page while logged into Aipo, data stored within Aipo may be altered. Solution Update t...

6.8CVSS6.1AI score0.00586EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/07/28 12:0 a.m.•38 views

JVN#74649877: Mozilla Firefox vulnerable to cross-site scripting

Mozilla Firefox contains a vulnerability in the rendering of Cascading Style Sheets CSS, which may result in cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided ...

6.1CVSS5.8AI score0.00697EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/06/24 12:0 a.m.•38 views

JVN#59779256: Cybozu Garoon vulnerable to cross-site scripting

Cybozu Garoon is a groupware. Cybozu Garoon contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the web browser of an user who is logged on. Solution Update the software Update to the latest version according to the information provided by the developer...

4.3CVSS5.8AI score0.01042EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2011/02/16 12:0 a.m.•38 views

JVN#71542734: F-Secure Internet Gatekeeper for Linux authentication issue

F-Secure Internet Gatekeeper for Linux provided by F-Secure Corporation is an anti-virus product. F-Secure Internet Gatekeeper for Linux contains an issue where authentication is not present. Impact A remote attacker may view access logs that are stored by the product. Solution Update the firmwar...

5CVSS6.3AI score0.02347EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/20 12:0 a.m.•38 views

JVN#68536660: Archive Decoder may insecurely load executable files

Archive Decoder is a file extraction software that supports multiple file formats. Archive Decoder loads certain executables .exe when extracting files. Archive Decoder contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary cod...

6.9CVSS7.2AI score0.00283EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/05/17 12:0 a.m.•38 views

JVN#90248889: Interstage Application Server vulnerable in request processing

The Servlet service provided by the Interstage Application Server from Fujitsu Limited, contains a vulnerability where certain requests may be handled improperly depending on the settings at the load balancing device. Impact Invalid requests may be processed or user information may be leaked...

6.4CVSS6.3AI score0.01564EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/01/12 12:0 a.m.•38 views

JVN#33977065 WebCalenderC3 cross-site scripting vulnerability

WebCalenderC3 from C3 Corp. is a calender software. WebCalenderC3 contains a cross-site scripting vulnerability. According to the developer, they were not able to reproduce the vulnerability. However, to mitigate against potential security risks, the developer has released a security enhanced...

4.3CVSS6AI score0.01074EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/15 12:0 a.m.•38 views

JVN#00152874 P forum vulnerable to directory traversal

P forum from Rocomotion is a bulletin board software. P forum contains a directory traversal vulnerability. Impact A remote attacker could view an arbitrary file on the server. Solution Update the Software Update to the latest version according to the information provided by the developer. This...

5CVSS6.5AI score0.01599EPSS
Exploits0
Total number of security vulnerabilities5000