5627 matches found
JVN#06045169 mod_imap cross-site scripting vulnerability
Impact A remote attacker could execute a malicious script on the web browser of a user who accessed a web page where modimap or modimagemap is used. Solution Products Affected For more information, refer to the vendor's website...
JVN#28011334 Opera bookmark function vulnerability
Impact An user cannot start Opera Web Browser because it crashes during startup. Solution Products Affected Opera for Windows, earlier than version 8.51 Opera for MacOS, earlier than version 8.51...
JVN#15972537 Fujitsu Java Runtime Environment reflection API vulnerability
Impact If a user downloads and executes a specially crafted applet, a remote attacker could access local files with the elevated privileges or execute arbitrary code with the privilege of the user running the applet. Solution Products Affected For more information, refer to the vendor's website...
JVN#15243167 Problem with referer header handling on mobile phone web browsers
Impact Referer information may be unintendedly sent to a server under certain operating conditions. Solution Products Affected For more information, refer to the vendors' websites...
JVN#76357668 MitakeSearch cross-site scripting vulnerability
Impact A malicious script may be executed on the user's web browser. Solution Products Affected MitakeSearch V4.2...
JVN#67001206 Multiple vulnerabilities in FreeStyleWiki including cross-site scripting
Impact A malicious script may be executed on the user's web browser. Furthermore, a combination of the vulnerabilities can be exploited to create a new user with administrative privileges when a FreeStyleWiki administrator logs into it with administrative privileges and views a Wiki page which is...
JVN#30451602 HTTPD-User-Manage cross-site scripting vulnerability
Impact A malicious script may be executed on the web browser of the user who can access HTTPD-User-Manage. Solution Products Affected HTTPD-User-Manage 1.62 and earlier...
JVN#25106961 Kent Web PostMail vulnerable to third party mail relay
Impact An attacker could possibly compromise the mail server to send an unsolicited email. Solution Products Affected Kent Web PostMail 3.2 and earlier...
JVN#18282718 Hyper Estraier directory traversal/denial of service vulnerability
Impact If a remote attacker sends a specially crafted file and a user saves it in a search target directory, the attacker could register a file not to be searched in an index when the user creats an index, or cause a denial of service. Solution Products Affected Versions earlier than Hyper Estrai...
JVN#77105349 XOOPS cross-site scripting vulnerability
Impact A remote attacker may upload a script to be executed by a user reading a private message or a forum article. This may allow a remote attacker to perform a session-hijacking and manipulate the screens after the user logs in. Solution Products Affected XOOPS 2.0.12 JP and earlier XOOPS...
JVN#59130192 eBASEweb SQL injection vulnerability
Impact A remote attacker could alter database content or steal data. Solution Update the Software Apply the latest updates provided by the vendor. Products Affected eBASEweb version 3.0...
JVN#23632449: OpenSSL version rollback vulnerability
Impact When performing communication through a path controlled by an attacker using OpenSSL, the attacker conducting a man-in-the-middle MITM attack can force a client and a server to negotiate the SSL 2.0 protocol even if these parties both support SSL 3.0 or TLS 1.0 to intercept or alter data...
JVN#79314822: Tomcat vulnerable in request processing
Apache Tomcat, an implementation of the Java Servlet and JavaServer Pages technologies, contains a vulnerability in processing specific requests. The Apache Software Foundation currently does not support AJP 1.3 Connector, and recommends the use of Coyote JK Connector instead. It also recommends...
JVN#76659792 WirelessIP5000 has multiple vulnerabilities
Impact These vulnerabilities may allow an attacker to conduct the following attacks: Illegal information collection Change of the configuration using SNMP protocol, web browsers, etc. Denial of service DoS attacks using information which the HTTP server provides Impersonation and information...
JVN#31226748 Vulnerability in multiple web browsers allowing request spoofing attacks
Impact Authentication information or cookie information could be leaked. Solution Products Affected For more information, refer to the vendors' websites...
JVN#62914675 Ruby vulnerability allowing to bypass safe level 4 as a sandbox
Impact An attacker could possibly execute an arbitrary script. Solution Products Affected Ruby 1.8.2 and earlier...
JVN#40940493 Webmin and Usermin authentication bypass vulnerability
Impact A remote attacker could bypass Webmin and Usermin's authentication, and execute an arbitrary command with root privileges. Solution Products Affected Webmin Version 1.200 - 1.220 Usermin Version 1.130 - 1.160...
JVN#97422426 Hyper NIKKI System cross-site request forgery vulnerability
Impact If a weblog administrator accesses a malicious web page, an attacker could add, alter, or delete the weblog text. If the weblog text is successfully altered, the attacker could perform a cross-site scripting attack to steal cookie information of weblog readers including weblog administrato...
JVN#42435855 FreeStyleWiki command injection vulnerability
Impact A user having FreeStyleWiki administrative privileges but with no web server administrative privileges could execute arbitrary code with privileges to execute CGI on the web server. Solution Products Affected FreeStyleWiki 3.5.8 and earlier...
JVN#23727054 Pochy denial-of-service (DoS) vulnerability
Impact A remote attacker could exploit this vulnerability to cause a denial-of-service DoS attack by sending a specially crafted email to a Pochy user. Solution Products Affected Pochy 0.2.1a...
JVN#38138980 Hiki cross-site scripting vulnerability
Impact A remote attacker could create a content containing attacking code and take over a session by stealing the session ID of the user who logged into the system. If the user logged into the system as the administrator, the remote attacker could manipulate configurations. Solution Products...
JVN#29273468 QRcode Perl CGI & PHP script vulnerable to denial of service attack
Impact A remote attacker may cause a denial of service DoS attack. Solution Products Affected QRcode Perl/CGI & PHP script ver. 0.50f and earlier including both Perl versions and PHP versions...
JVN#60776919 tDiary cross-site request forgery vulnerability
Impact If a user loads a malicious web page, an attacker could alter or delete the diary text or alter tDiary configurations. In addition, a remote attacker could execute an arbitrary script or command on the web server running tDiary with privileges of the tDiary user. Solution Products Affected...
JVN#93926203 Java Cryptography Extension 1.2.1 (JCE 1.2.1) will no longer function properly after July 28, 2005 due to the expiration of its digital certificate
Impact Problems, such as that a Java application using JCE 1.2.1 does not start, may occur after 6:43 JST on July 28, 2005. Java applications using JCE 1.2.1 may not start after 6:43 JST, +0900 on July 28, 2005. Solution Products Affected Java applications using Sun's JCE 1.2.1...
JVN#74012178 Movable Type session management vulnerability
Impact A remote attacker could freely manipulate a web log by posting or deleting blog entries. Solution Products Affected Movable Type 3.151-ja and earlier...
JVN#97757029 w3ml cross-site scripting vulnerability
Impact An arbitrary script could be executed on the user's web browser which may allow an attacker to steal cookie information. Solution Products Affected w3ml-0.4-20020625 and earlier...
JVN#55023557 Buffalo router configuration management interface vulnerable to remote access and password leakage
Impact Configurations could be changed by the remote attacker. As the save configuration stores user's account and password information of ISPs in plain-text format, a remote attacker could steal such information and impersonate a user to gain illegal access. Solution Products Affected BUFFALO...