Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/03/17 4:43 a.m.•4 views

Demaecan for Android. contains an issue where it fails to verify SSL server certificates

Overview Demaecan for Android. contains an issue where it fails to verify SSL server certificates. kurisu and matt reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-minddle attack may allow an...

5.8CVSS6.5AI score0.00587EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/02/21 5:16 a.m.•4 views

AutoCAD vulnerable to arbitrary VBScript execution

Overview AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design CAD. AutoCAD loads specific FAS files when opening files. AutoCAD contains an issue with the FAS file search path, which may lead to arbitrary VBScript code execution. kaito834 reported this vulnerability to...

7.5CVSS7.4AI score0.02493EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/28 5:48 a.m.•4 views

Sanshiro Series vulnerable to arbitrary code execution

Overview The "Sanshiro" series software provided by JustSystems Corporation is a spreadsheet software. The "Sanshiro" series contains a vulnerability that may allow arbitrary code execution. Impact When a user opens a specially crafted file, arbitrary code may be executed. Solution Update the...

9.3CVSS7.5AI score0.03498EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/10 5:42 a.m.•4 views

Security File Manager vulnerable to directory traversal

Overview Security File Manager provided by CGENE Inc contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5.8CVSS7AI score0.01249EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/10 5:41 a.m.•4 views

tetra filer vulnerable to directory traversal

Overview tetra filer provided by Yuichiro Okuyama contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5.8CVSS6.9AI score0.01249EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/26 3:32 a.m.•4 views

HP Autonomy Ultraseek vulnerable to cross-site scripting

Overview HP Autonomy Ultraseek provided by Hewlett-Packard Development Company, L.P. contains an issue in handling specific character encoding, which may result in cross-site scripting. NetAgent Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...

3.5CVSS6.3AI score0.01826EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/25 3:22 a.m.•4 views

Cybozu Garoon Keitai vulnerable to authentication bypass

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon Keitai contains an authentication bypass vulnerability. Impact When an attacker sends a specially crafted request that includes a user ID for a user that has the Keitai function enabled, authentication using Keitai may b...

5.8CVSS6.8AI score0.01986EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/25 3:21 a.m.•4 views

Cybozu Garoon vulnerable to SQL injection

Overview Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains an issue in processing input through API, which may result in SQL injection. Impact A user who can log in to the system may alter information stored in the database. Solution Apply the Patch Apply the appropria...

6.5CVSS7.2AI score0.01554EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/13 3:23 a.m.•4 views

Juniper ScreenOS vulnerable to denial-of-service (DoS)

Overview ScreenOS provided by Juniper Networks contains a denial-of-service DoS vulnerability. Shuichiro Suzuki of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact When processing a malicious packe...

7.8CVSS6.6AI score0.01881EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/22 5:51 a.m.•4 views

D-Link DES-3800 Series vulnerable to denial-of-service (DoS)

Overview DES-3800 Series provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in the Web manager function. Note that this vulnerability is different from JVN65312543. Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA...

7.8CVSS6.7AI score0.01772EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/20 6:34 a.m.•4 views

EC-CUBE vulnerable to cross-site scripting

Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a vulnerability in processing the output of error messages, which may lead to cross-site scripting. Gen Sato reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

4.3CVSS6.2AI score0.01207EPSS
Exploits1References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 6:12 a.m.•4 views

D-Link DES-3810 Series vulnerable to denial-of-service (DoS)

Overview DES-3810 Series provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in SSH implementation. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

6.8CVSS6.6AI score0.01054EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/07/17 4:45 a.m.•4 views

Oracle Outside In vulnerable to buffer overflow

Overview Oracle Outside In is a library to decode over 500 file types. Oracle Outside In contains a buffer overflow vulnerability. Takahiro Haruyama of Internet Initiative Japan Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

7.5CVSS7.5AI score0.01385EPSS
Exploits0References18
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/27 5:35 a.m.•4 views

CLIP-MAIL vulnerable to cross-site scripting

Overview CLIP-MAIL provided by KENT-WEB contains an issue in the webpage output of strings entered in the form, which may result in a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version...

4.3CVSS6.2AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/27 5:29 a.m.•4 views

EC-CUBE vulnerable to code injection

Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a code injection vulnerability. Gen Sato reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...

7.5CVSS7.3AI score0.04285EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/18 6:20 a.m.•4 views

Cybozu Live for Android vulnerable in the WebView class

Overview Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains a vulnerability in the WebView class. Note that this vulnerability is a regression in version 2.0.0 of the issue in JVN77393797. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported...

6.8CVSS6.5AI score0.01085EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/18 6:19 a.m.•4 views

Cybozu Live for Android vulnerable to arbitrary Java method execution

Overview Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains an arbitrary Java method execution vulnerability. Note that this vulnerability is a regression in version 2.0.0 of the issue in JVN23009798. Gaku Mochizuki of Mitsui Bussan Secure Directions,...

6.8CVSS7.1AI score0.01986EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/05/29 6:19 a.m.•4 views

Sleipnir Mobile for Android vulnerable to address bar spoofing

Overview Sleipnir Mobile for Android contains an issue when opening a new window, which may result in the address bar being spoofed. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impac...

5.8CVSS6.5AI score0.01528EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/04/12 3:41 a.m.•4 views

Sleipnir Mobile for Android loads arbitrary Extension API

Overview Sleipnir Mobile for Android has an Extension mechanism to customize browser functions, and this Extension function makes calls to an Extension API. Sleipnir Mobile for Android contains an issue that may allow a specially crafted web page to load an arbitrary Extension API. Keita Haga of...

5.8CVSS6.6AI score0.0088EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/04/11 5:14 a.m.•4 views

Sleipnir for Windows vulnerable to address bar spoofing

Overview Sleipnir for Windows contains an issue in displaying colors and the padlock icon on the address bar, which may result in the address bar being spoofed. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

5CVSS6.5AI score0.01034EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/04/04 5:43 a.m.•4 views

Active! mail vulnerable to information disclosure

Overview Active! mail contains an information disclosure vulnerability. Active! mail provided by TransWARE is a webmail software. Active! mail contains an information disclosure vulnerability. Mitsuru Ogino of Sugiyama Jogakuen reported this vulnerability to IPA. JPCERT/CC coordinated with the...

2.1CVSS6.3AI score0.00304EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/18 5:43 a.m.•4 views

VxWorks Web Server vulnerable to denial-of-service (DoS)

Overview The VxWorks Web Server contains a denial-of-service vulnerability. The VxWorks Web Server contains a denial-of-service DoS vulnerability. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5CVSS6.5AI score0.02374EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/18 5:38 a.m.•4 views

VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

Overview The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability. The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability due to an issue in the processing authentication requests. Hisashi Kojima and Masahiro Nakada of...

10CVSS7.2AI score0.06353EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/18 5:32 a.m.•4 views

VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

Overview The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability. The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability due to an issue in the processing directly after the SSH connection is established. Hisashi Kojima...

6.8CVSS6.5AI score0.02614EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/28 4:37 a.m.•4 views

dopvCOMET* vulnerable to cross-site scripting

Overview dopvCOMET provided by bayashi.net is a software to analyze web access logs. dopvCOMET contains a cross-site scripting vulnerability. Masahiro YAMADA reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

4.3CVSS6AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/21 4:54 a.m.•4 views

NEC Universal RAID Utility fails to restrict access permissions

Overview NEC Universal RAID Utility contains an issue where access permissions are not restricted. NEC Universal RAID Utility is a software to manage a RAID controller. NEC Universal RAID Utility contains an issue where access permissions are not restricted. SAKURA Internet Inc. reported this...

9CVSS6.9AI score0.01751EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/08 4:53 a.m.•4 views

Cybozu Garoon vulnerable to cross-site scripting

Overview Cybozu Garoon contains a cross-site scripting vulnerability. Cybozu Garoon provided by Cybozu is a groupware. Cybozu Garoon contains a cross-site scripting vulnerability. Ken Asai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/21 3:41 a.m.•4 views

concrete5 vulnerable to cross-site scripting

Overview concrete5 contains a cross-site scripting vulnerability. concrete5 is an open source content management system CMS. concrete5 contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

4.3CVSS6AI score0.0143EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/21 3:37 a.m.•4 views

Loctouch for Android information management vulnerability

Overview Loctouch for Android contains an information management vulnerability. Loctouch provided by NHN Japan, is an application that logs location information. Loctouch for Android contains an information management vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported...

2.6CVSS6.3AI score0.00992EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/17 3:23 a.m.•4 views

WikkaWiki vulnerable to cross-site scripting

Overview WikkaWiki contains a cross-site scripting vulnerability. WikkaWiki is an open source wiki written in PHP. WikkaWiki contains a cross-site scripting vulnerability. Daiki Fukumori of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

4.3CVSS6AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/12/14 3:50 a.m.•4 views

Welcart vulnerable to cross-site scripting

Overview Welcart contains a cross-site scripting vulnerability. Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a cross-site scripting vulnerability. Yoshinori Matsumoto of Kobe Digital Lab., Inc. reported this vulnerability to IPA. JPCERT/CC...

5CVSS6AI score0.01948EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/29 6:23 a.m.•4 views

Denial of Service (DoS) Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2

Overview JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 contain a vulnerability that could allow a remote attacker to cause a denial of service DoS condition. Impact A remote attacker could cause a denial of service DoS condition. Solution Please refer to the...

5CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/29 5:48 a.m.•4 views

Hitachi Device Manager Software Denial of Service (DoS) Vulnerability

Overview Hitachi Device Manager Software HDvM contains a denial of service abend vulnerability when receiving a large amount of data at once. If HDvM exits abnormally, users will be able to resume using the software by restarting the HDvM service or daemon. Impact A remote attacker could cause a...

5CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/21 5:34 a.m.•4 views

BIGACE vulnerable to session fixation

Overview BIGACE contains a session fixation vulnerability. BIGACE is a content management system CMS. BIGACE contains a session fixation vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

6.8CVSS6.5AI score0.01309EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/07 7:1 a.m.•4 views

BeZIP vulnerable to directory traversal

Overview BeZIP contains a directory traversal vulnerability. BeZIP provided by Be Graph Co.,Ltd. is a file compression/extraction software supporting ZIP and LZH formats. BeZIP contains a directory traversal vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this...

5CVSS6.7AI score0.01943EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/05 8:58 a.m.•4 views

Multiple Vulnerabilities in Hitachi JP1/File Transmission Server/FTP

Overview Hitachi JP1/File Transmission Server/FTP contains multiple vulnerabilities. FTP Bounce Attack in PASV mode Buffer overflow at file transmission Defect of the account information check in user authentication Impact A remote attacker could access arbitrary files in system. Solution Please...

9CVSS7.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/02 5:21 a.m.•4 views

Pebble vulnerable to HTTP header injection

Overview Pebble contains an HTTP header injection vulnerability. Pebble is an open source weblog system. Pebble contains an HTTP header injection vulnerability. Takahisa Kishiya reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

4.3CVSS7.1AI score0.01168EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/02 5:20 a.m.•4 views

Pebble vulnerability where entries may become unviewable

Overview Pebble contains a vulnerability where blog entries may become unviewable due to a specially crafted comment being posted. Pebble is an open source weblog system. Pebble contains an issue in the processing of comments that are posted on blog entries, which may lead to a vulnerability wher...

6.4CVSS6.7AI score0.01511EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/02 5:18 a.m.•4 views

MosP kintai kanri vulnerable to authentication bypass

Overview MosP kintai kanri contains an authentication bypass vulnerability. MosP kintai kanri is an open source attendance management software. MosP kintai kanri contains an authentication bypass vulnerability. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the develop...

6.5CVSS6.8AI score0.01139EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/02 5:16 a.m.•4 views

MosP kintai kanri fails to restrict access permissions

Overview MosP kintai kanri contains an issue where access permissions are not restricted. MosP kintai kanri is an open source attendance management software. MosP kintai kanri contains an issue where access permissions are not restricted. Masako Ohno reported this vulnerability to IPA. JPCERT/CC...

4CVSS6.5AI score0.01094EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/10/05 7:49 a.m.•4 views

MyWebSearch vulnerable to cross-site scripting

Overview MyWebSearch contains a cross-site scripting vulnerability. MyWebSearch is a CGI script for searching within a website. MyWebSearch contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to t...

4.3CVSS6.1AI score0.01161EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/09/28 3:20 a.m.•4 views

jigbrowser+ for Android vulnerable in the WebView class

Overview jigbrowser+ for Android contains a vulnerability in the WebView class. jigbrowser+ is a web browser for a smartphone. jigbrowser+ for Android contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/...

4.3CVSS6.5AI score0.01191EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/09/20 3:31 a.m.•4 views

Email Anti-virus (formerly WebShield SMTP) vulnerable to denial-of-service

Overview Email Anti-virus formerly WebShield SMTP provided by McAfee Co., Ltd. contains a denial-of-service DoS vulnerability. Email Anti-virus formerly WebShield SMTP provided by McAfee Co., Ltd. is an anti-virus package that scans emails. Email Anti-virus formerly WebShield SMTP contains a...

7.8CVSS6.6AI score0.01895EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/06 8:19 a.m.•4 views

YY-BOARD vulnerable to cross-site scripting

Overview YY-BOARD contains a cross-site scripting vulnerability. YY-BOARD is a bulletin-board software. YY-BOARD contains a vulnerability in handling web form entries, which may result in cross-site scripting. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/03 5:49 a.m.•4 views

Zenphoto vulnerable to cross-site scripting

Overview Zenphoto contains a cross-site scripting vulnerability. Zenphoto is a content management system CMS. Zenphoto contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Ear...

5CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/11 6:5 a.m.•4 views

Flash Player issue in implementations of the Same Origin Policy

Overview Flash Player contains an issue in implementations of the Same Origin Policy. SoundMixer.computeSpectrum method, included in Flash Player, contains an issue in implementations of the Same Origin Policy. Mitsuaki Shiraishi of Symantec Japan, Inc. reported this vulnerability to IPA. JPCERT/...

4.3CVSS6.6AI score0.03655EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/06 3:39 a.m.•4 views

SEIL series fail to restrict access permissions

Overview SEIL series contain an issue where access permissions are not restricted. SEIL series are wireless LAN routers. SEIL series contain an issue where access permissions are not restricted. Impact An attacker that can access the product's HTTP proxy may bypass restrictions such as the URL...

5CVSS6.9AI score0.01211EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/25 6:50 a.m.•4 views

Logitec LAN-W300N/R series fails to restrict access permissions

Overview Logitec LAN-W300N/R series contain an issue where access permissions are not restricted. The LAN-W300N/R series are wireless LAN routers. Logitec LAN-W300N/R series contain an issue where access permissions are not restricted. Jin Sawada, Keisuke Okazaki, Naoto Katsumi of Security...

10CVSS6.5AI score0.05867EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 7:44 a.m.•4 views

WEB MART from KENT-WEB vulnerable to cross-site scripting

Overview WEB MART provided by KENT-WEB contains a cross-site scripting vulnerability. WEB MART provided by KENT-WEB is a system for creating shopping websites. WEB MART contains a vulnerability in handling cookies, which may result in cross-site scripting. ISHIBASHI,Tsuyoshi of Mitsui Bussan Secu...

4.3CVSS5.8AI score0.01792EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 6:14 a.m.•4 views

Arbitrary Code Execution Vulnerability in Hitachi COBOL GUI Option on Windows

Overview Hitachi COBOL GUI Option on Windows contains a vulnerability where arbitrary code may be executed. This problem does not occur when only the following runtime products are solely used. COBOL GUI Option Run Time System Version 6 COBOL GUI Option Server Run Time System Version 6 COBOL GUI...

10CVSS7.7AI score0.0347EPSS
Exploits0References4
Total number of security vulnerabilities5000