Lucene search
K
JvnMost viewed

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/22 6:28 a.m.•3 views

EC-CUBE vulnerable to authorization bypass

Overview EC-CUBE contains an authorization bypass vulnerability. EC-CUBE from EC-CUBE CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an authorization bypass vulnerability CWE-639. The developer reported this vulnerability to JPCERT/CC under Information Security...

9.1CVSS6.6AI score0.02245EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2014/01/10 5:44 a.m.•3 views

NeoFiler vulnerable to directory traversal

Overview NeoFiler provided by SkyArts.com contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5.8CVSS6.9AI score0.01392EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/24 6:2 a.m.•3 views

IrfanView vulnerable to buffer overflow

Overview IrfanView is an application for viewing images of many different file formats. IrfanView contains a buffer overflow vulnerability, when using the Thumbnails window with Thumbnail tooltips enabled. Asuka Nakajima of NTT Secure Platform Laboratories reported this vulnerability to IPA...

7.6CVSS7.5AI score0.05749EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/10 5:13 a.m.•3 views

Cybozu Dezie vulnerable to cross-site scripting

Overview Cybozu Dezie provided by Cybozu, Inc. contains a cross-site scripting vulnerability. Ken Asai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the web browser o...

4.3CVSS6AI score0.01284EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/03 4:51 a.m.•3 views

Cybozu Garoon vulnerable to session fixation

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a session fixation vulnerability. Impact A remote, unauthenticated attacker may impersonate a registered user. As a result, information may be disclosed or altered. Solution Update the Software Update to the...

6.8CVSS6.7AI score0.01309EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/03 4:49 a.m.•3 views

Cybozu Garoon vulnerable to mail header injection

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains a mail header injection vulnerability in the Phone Messages function. Impact If the function that forwards Phone Messages to an email address is configured, the header of the email to be forwarded may be altered...

4CVSS7.1AI score0.00962EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/12/03 4:46 a.m.•3 views

Cybozu Garoon vulnerable to denial-of-service (DoS)

Overview Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains a denial-of-service DoS vulnerability. Impact A denial-of-service DoS attack via Garoon 3 Keitai may cause high CPU usage on the server. Solution Update the Software Update to the latest version according to th...

5CVSS6.6AI score0.0157EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/12 5:33 a.m.•3 views

Ichitaro series vulnerable to arbitrary code execution

Overview The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. This vulnerability differs from other issues that were previously published on JVN. For more information, please refer to the developer's website...

9.3CVSS7.6AI score0.04587EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/07 5:3 a.m.•3 views

Page Scroller vulnerable to cross-site scripting

Overview The ZIP archive for Page Scroller contains an issue where it includes a version of jQuery that is vulnerable to cross-site scripting. Page Scroller from coliss is a script that uses jQuery. In addition to Page Scroller being avaliable just as a script, it is also available as a ZIP archi...

4.3CVSS5.7AI score
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/05 6:5 a.m.•3 views

Tiki Wiki CMS Groupware vulnerable to cross-site scripting

Overview Tiki Wiki CMS Groupware Tiki is a content management system CMS. Tiki contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

4.3CVSS6.1AI score0.01156EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 5:52 a.m.•3 views

SEIL Series routers vulnerable in RADIUS authentication

Overview SEIL Series routers contain a vulnerability in RADIUS authentication. The PPP Access Concentrator PPPAC in SEIL Series routers provided by Internet Initiative Japan Inc. contains an issue when generating random numbers used for RADIUS authentication, which may result in the generated...

4CVSS7AI score0.01257EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/13 3:21 a.m.•3 views

ChamaCargo vulnerable to cross-site scripting

Overview ChamaCargo provided by ChamaNet is a system for creating shopping websites. ChamaCargo contains a cross-site scripting vulnerability. Koki Takahashi of Keiji Takeda Lab, Keio University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securit...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/12 5:13 a.m.•3 views

Opera vulnerable to cross-site scripting

Overview Opera is a web browser. Opera contains a cross-site scripting vulnerability when the page encoding settings are set to UTF-8. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided ...

4.3CVSS6.1AI score0.01788EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/10 4:56 a.m.•3 views

Cybozu Office vulnerable to cross-site scripting

Overview Cybozu Office is a groupware. Cybozu Office contains a cross-site scripting vulnerability in the function to customize the top page. Motoki Nishio of VALTES CO.,LTD. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

4.3CVSS5.9AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/06 5:3 a.m.•3 views

VMware ESX and ESXi vulnerable to buffer overflow

Overview VMware ESX and ESXi contains a buffer overflow vulnerability. Shanon Olsson reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A remote attacker may cause a denial-of-service DoS or execute...

7.5CVSS7.8AI score0.03092EPSS
Exploits1References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/06 4:59 a.m.•3 views

VMware ESX and ESXi vulnerable to directory traversal

Overview VMware ESX and ESXi contains a directory traversal vulnerability. Shanon Olsson reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A remote attacker may delete arbitrary files on the host operati...

9.4CVSS7AI score0.03687EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/08/07 6:1 a.m.•3 views

docomo overseas usage application vulnerability in the connection process

Overview docomo overseas usage application provided by NTT DOCOMO contains a vulnerability within the process of connecting to Wi-Fi access points, which may lead to user information being sent unintentionally. Impact When connecting to a Wi-Fi access point, an attacker may obtain user informatio...

3.3CVSS6.6AI score0.00732EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/07/17 4:56 a.m.•3 views

Oracle Outside In vulnerable to denial-of-service (DoS)

Overview Oracle Outside In is a library to decode over 500 file types. Oracle Outside In contains a denial-of-service DoS vulnerability. Takahiro Haruyama of Internet Initiative Japan Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Earl...

6.8CVSS6.5AI score0.01732EPSS
Exploits0References17
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/07/16 3:27 a.m.•3 views

Cybozu Office session management vulnerability

Overview Cybozu Office is a groupware. Cybozu Office contains a vulnerability in session management. Ooi Keita reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A third-party that obtains the URL for a login m...

5.8CVSS6.5AI score0.01969EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/27 5:33 a.m.•3 views

EC-CUBE vulnerable to directory traversal

Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a directory traversal vulnerability. Note that this vulnerability is different from JVN43886811. LOCKON CO.,LTD. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

5CVSS6.9AI score0.01862EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/27 5:29 a.m.•3 views

EC-CUBE vulnerable to directory traversal

Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a directory traversal vulnerability. Note that this vulnerability is different from JVN04161229. Gen Sato reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

5CVSS6.8AI score0.01862EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/18 6:17 a.m.•3 views

Ichitaro series vulnerable to arbitrary code execution

Overview The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. This vulnerability differs from other issues that were previously published on JVN. Impact When a user opens a specially crafted file, an arbitra...

10CVSS7.6AI score0.04174EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/06/11 4:48 a.m.•3 views

Galapagos Browser vulnerable in the WebView class

Overview Galapagos Browser is a web browser for Android devices. Galapagos Browser contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

4.3CVSS6.5AI score0.00893EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/05/31 6:43 a.m.•3 views

FileMaker Pro vulnerable to cross-site scripting

Overview FileMaker Pro contains an "Instant Web Publishing" function. When this function is enabled, FileMaker Pro is vulnerable to cross-scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Upgrade the software Upgrade to the latest version according to the...

4.3CVSS6.8AI score0.01792EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/05/27 6:4 a.m.•3 views

Yahoo! Browser vulnerable to address bar spoofing

Overview Yahoo! Browser contains an issue in displaying URL, which may result in the address bar being spoofed. Note that this vulnerability is different from JVN55074201. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5.8CVSS6.5AI score0.01516EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/05/20 6:16 a.m.•3 views

Cross-site scripting vulnerability in the web2py social bookmarking widget

Overview The social bookmarking widget share.js in web2py contains a cross-site scripting vulnerability. web2py is a framework for creating and designing web applications. The social bookmarking widget in web2py contains a cross-site scripting vulnerability. Yuji Kosuga of Everforth Co., Ltd...

4.3CVSS6AI score0.0118EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/04/26 6:50 a.m.•3 views

Yahoo! Browser vulnerable to address bar spoofing

Overview Yahoo! Browser contains an issue when opening a new window, which may result in the address bar being spoofed. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact This...

5.8CVSS6.5AI score0.0146EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/26 4:36 a.m.•3 views

ArtIME Japanese Input vulnerable to information disclosure

Overview ArtIME Japanese Input contains an issue in the access permissions for the certain files. ArtIME Japanese Input is a Japanese Input Method Editor IME for Android devices. ArtIME Japanese Input contains an issue in the access permissions for the certain files. Gaku Mochizuki of Mitsui Buss...

5CVSS6.5AI score0.00982EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/18 5:30 a.m.•3 views

VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability

Overview The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability. The SSH server IPSSH implementation in VxWorks contains a denial-of-service vulnerability due to an issue in processing pty requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories...

6.8CVSS6.5AI score0.02176EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/03/07 5:13 a.m.•3 views

Multiple Cisco products vulnerable to denial-of-service (DoS)

Overview The SSH implementation in multiple Cisco products contains a denial-of-service DoS vulnerability. Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

7.8CVSS6.7AI score0.01553EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/26 5:45 a.m.•3 views

Multiple JustSystems products vulnerable to arbitrary code execution

Overview Multiple products provided by JustSystems Corporation contain a vulnerability that may allow arbitrary code execution. For more information, refer to the information provided by the developer. Impact Opening a file may cause arbitrary code to be executed with the privilege of the running...

9.3CVSS7.6AI score0.03815EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/15 5:29 a.m.•3 views

3DM (3ware Disk Manager) vulnerable to directory traversal

Overview 3DM 3ware Disk Manager contains a directory traversal vulnerability. 3DM provided by LSI is a software to manage a RAID controller. 3DM contains a directory traversal vulnerability. yamaguchi tsuyoshi of Digiplate.inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

5CVSS6.8AI score0.01854EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/02/14 5:15 a.m.•3 views

GREE for Android vulnerable to directory traversal

Overview GREE for Android contains a directory traversal vulnerability. GREE for Android contains an issue in handling URL inputs, which may result in a directory traversal vulnerability. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS6.5AI score0.01368EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/01/25 3:32 a.m.•3 views

WebSphere Application Server (WAS) vulnerable to cross-site scripting

Overview WebSphere Application Server WAS provided by IBM contains a cross-site scripting vulnerability. WebSphere Application Server WAS provided by IBM contains a vulnerability in SnoopServlet, which may result in a cross-site scripting. Eiji James Yoshida of Security Professionals Network Inc...

4.3CVSS5.7AI score
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/01/22 6:22 a.m.•3 views

myu-s / PHP WeblogSystem by netmania vulnerable to cross-site scripting

Overview myu-s and PHP WeblogSystem by netmania contain a cross-site scripting vulnerability. myu-s and PHP WeblogSystem by netmania provided by FLUGELz contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software...

4.3CVSS6.2AI score0.01161EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/01/18 4:36 a.m.•3 views

Documents Pro (formerly Files HD) vulnerable to cross-site scripting

Overview Documents Pro provided by Olive Toast Software Ltd. contains a cross-site scripting vulnerability. Documents Pro provided by Olive Toast Software Ltd. is a document viewer for iOS devices. Documents Pro contains a cross-site scripting vulnerability. Keigo Yamazaki of LAC Co., Ltd. report...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/11/14 6:7 a.m.•3 views

Multiple Android devices vulnerable to denial-of-service (DoS)

Overview Multiple Android devices contains a denial-of-service DoS vulnerability. Multiple Android devices contain an issue when referencing specific system area, which may lead to a denial-of-service DoS. Tsukasa Oi of Fourteenforty Research Institue, Inc. reported this vulnerability to IPA...

5.4CVSS6.5AI score
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/30 5:0 a.m.•3 views

Opera address bar spoofing vulnerability

Overview Opera contains a vulnerability where the URL displayed in the address bar may be spoofed. Opera contains a vulnerability where certain characters may be displayed in the address bar, causing 2 URLs to potentially be indistinguishable from each other. Masahiro Yamada reported this...

5CVSS6.5AI score0.01318EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/30 4:57 a.m.•3 views

Adobe Reader fails to properly handle signatures

Overview Adobe Reader fails to properly handle RSA signatures. Adobe Reader contains an issue where it may fail to properly verify RSA signatures. Masahiko Takenaka of FUJITSU LABORATORIES LTD. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

5CVSS7.3AI score0.04894EPSS
Exploits1References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/08/10 6:5 a.m.•3 views

Cross-site Scripting Vulnerability in JP1/Integrated Management - Service Support

Overview A cross-site scripting vulnerability was found in JP1/Integrated Management - Service Support. Impact Remote users can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate...

3.5CVSS6.3AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/07/30 5:53 a.m.•3 views

Multiple web browsers vulnerable in processing Tranfer-Encoding header

Overview Multiple web browsers contain a vulnerability in processing the Transfer-Encoding header. Multiple web browsers contain a vulnerability in processing the Transfer-Encoding header. When viewing a malicious web site through a proxy server, part of the HTTP response may be misidentified as ...

2.6CVSS6.6AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 5:31 a.m.•3 views

WEB PATIO vulnerable to cross-site scripting

Overview WEB PATIO contains a cross-site scripting vulnerability. WEB PATIO is a bulletin-board software. WEB PATIO contains a vulnerability in handling web form entries, which may result in cross-site scripting. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated wi...

4.3CVSS5.8AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/19 5:0 a.m.•3 views

SmallPICT vulnerable to cross-site scripting

Overview SmallPICT contains a cross-site scripting vulnerability. SmallPICT is a bulletin-board software. SmallPICT contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/06/05 5:4 a.m.•3 views

@WEB ShoppingCart vulnerable to cross-site scripting

Overview @WEB ShoppingCart contains a cross-site scripting vulnerability. @WEB ShoppingCart provided by WEBLOGIC CORPORATION. is a system for creating shopping websites. @WEB ShoppingCart contains a cross-site scripting vulnerability. Yoshinori Matsumoto of Kobe Digital Labo.,Inc reported this...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/21 4:56 a.m.•3 views

iLunascape for Android vulnerable in the WebView class

Overview iLunascape for Android contains a vulnerability in the WebView class. iLunascape for Android is a web browser for Android devices. iLunascape for Android contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to...

5CVSS6.5AI score0.01513EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/05/15 7:53 a.m.•3 views

WEB MART from KENT-WEB vulnerable to cross-site scripting

Overview WEB MART provided by KENT-WEB contains a cross-site scripting vulnerability. WEB MART provided by KENT-WEB is a system for creating shopping websites. WEB MART contains a vulnerability when using Microsoft IE's CSS expressions, which may result in cross-site scripting. Isayama Takayoshi ...

4.3CVSS5.8AI score0.01783EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/04/13 5:3 a.m.•3 views

Dokodemo Rikunabi 2013 vulnerable to cross-site scripting

Overview Dokodemo Rikunabi 2013 contains a cross-site scripting vulnerability. Dokodemo Rikunabi 2013 is an extension for Google Chrome. Dokodemo Rikunabi 2013 contains a cross-site scripting vulnerability. Kazuhiko Kusano of Graduate School of Information Sciences,Tohoku University reported this...

5.8CVSS6.1AI score0.01968EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/19 3:4 a.m.•3 views

JP1/Cm2/Network Node Manager i Denial of Service (DoS) Vulnerability

Overview JP1/Cm2/Network Node Manager i NNMi contains vulnerabilities could allow a remote attacker to cause a denial of service DoS condition or execute arbitrary code. Impact A remote attacker could cause a denial of service DoS condition or execute arbitrary code. Solution Please refer to the...

7.8CVSS7.4AI score0.02929EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/03/09 5:18 a.m.•3 views

SquirrelMail plugin Autocomplete vulnerable to cross-site scripting

Overview The SquirrelMail plugin Autocomplete contains a cross-site scripting vulnerability. The Autocomplete plugin in SquirrelMail searches for registered email addresses in user contacts as the user types into specific fields. The Autocomplete plugin contains a cross-site scripting...

4.3CVSS6AI score0.01443EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2012/02/23 5:21 a.m.•3 views

Movable Type vulnerable to OS command injection

Overview Movable Type contains an OS command injection vulnerability. Movable Type contains an OS command injection vulnerability in its file management system. Impact A user with a privilege to upload files may execute an arbitrary OS command. Solution Update the software Update to the latest...

6.5CVSS7.7AI score0.02421EPSS
Exploits0References5
Total number of security vulnerabilities5000