Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/09 12:0 a.m.31 views

JVN#85359294: WL-330NUL vulnerable to denial-of-service (DoS)

WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a denial-of-service DoS vulnerability. Impact An attacker who can access the product may be able to cause a denial-of-service DoS. Solution Update the Firmware Update the firmware to the latest version...

4.3CVSS4.4AI score0.00633EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/09 12:0 a.m.24 views

JVN#89965717: WL-330NUL vulnerable to cross-site scripting

WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a stored cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Firmware Update the firmware to the latest version according to the...

6.1CVSS6AI score0.01009EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/09 12:0 a.m.31 views

JVN#69462495: WL-330NUL information management vulnerability

WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains an issue in information management. Impact An attacker that can access the product may obtain the WPA2-PSK passphrase. Solution Update the Firmware Update the firmware to the latest version according to th...

4.3CVSS4.4AI score0.00632EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/09 12:0 a.m.29 views

JVN#34489380: WL-330NUL vulnerable to remote command execution

WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a remote command execution vulnerability. Impact An attacker that can access the product may execute an arbitrary command with administrative privileges. Solution Update the Firmware Update the firmware to...

7.3CVSS7.4AI score0.0223EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/08 5:29 a.m.2 views

Web Analytics Service vulnerable to cross-site scripting

Overview The JavaScript module for using Web Analytics Service which was provided by NTT DATA Smart Sourcing Corporation contains a cross-site scripting vulnerability CWE-79 due to a flaw in escaping process. According to the developer, this script was distributed from 26 November, 2003 to 9 July...

6.1CVSS6AI score0.0102EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/07 5:21 a.m.3 views

GANMA! App for iOS fails to verify SSL server certificates

Overview GANMA! App for iOS provided by COMICSMART INC. fails to verify SSL server certificates. Yuji Tounai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack may allow an attacker t...

5.9CVSS6.4AI score0.00696EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/07 12:0 a.m.30 views

JVN#70083512: Web Analytics Service vulnerable to cross-site scripting

The JavaScript module for using Web Analytics Service which was provided by NTT DATA Smart Sourcing Corporation contains a cross-site scripting vulnerability CWE-79 due to a flaw in escaping process. According to the developer, this script was distributed from 26 November, 2003 to 9 July, 2013...

6.1CVSS6AI score0.0102EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/07 12:0 a.m.42 views

JVN#44541100: GANMA! App for iOS fails to verify SSL server certificates

GANMA! App for iOS provided by COMICSMART INC. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the...

5.9CVSS5.3AI score0.00696EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/03 5:26 a.m.7 views

EC-CUBE plugin BbAdminViewsControl vulnerable to SQL injection

Overview BbAdminViewsControl from BOKUBLOCK CO., LTD. is an EC-CUBE plugin. BbAdminViewsControl contains an SQL injection vulnerability CWE-89. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

5.5CVSS7.8AI score0.0107EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/03 12:0 a.m.43 views

JVN#55545372: EC-CUBE plugin BbAdminViewsControl vulnerable to SQL injection

BbAdminViewsControl from BOKUBLOCK CO., LTD. is an EC-CUBE plugin. BbAdminViewsControl contains an SQL injection vulnerability CWE-89. Impact A logged in attacker may execute SQL statements. According to the developer, this vulnerability affects availability of the server that EC-CUBE resides, bu...

4.3CVSS5.1AI score0.0107EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/12/01 6:59 a.m.1 views

XML External Entity (XXE) Vulnerability in Hitachi Command Suite

Overview XML External Entity XXE Vulnerability exists in Hitachi Command Suite. Impact Malicious attacker might exploit this vulnerability to disclose arbitrary files. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

5CVSS7AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/30 4:44 a.m.3 views

p++BBS vulnerable to cross-site scripting

Overview p++BBS provided by Let's PHP! contains a stored cross-site scripting vulnerability CWE-79. Koki Takahashi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the...

6.1CVSS5.9AI score0.01009EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/30 4:44 a.m.3 views

Frame high-speed chat vulnerable to cross-site scripting

Overview Frame high-speed chat provided by Let's PHP! contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the developer...

6.1CVSS6.1AI score0.00765EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/30 12:0 a.m.32 views

JVN#72891124: p++BBS vulnerable to cross-site scripting

p++BBS provided by Let's PHP! contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the developer. Products Affected p++BBS...

6.1CVSS6AI score0.01009EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/30 12:0 a.m.31 views

JVN#35845584: Frame high-speed chat vulnerable to cross-site scripting

Frame high-speed chat provided by Let's PHP! contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the developer. Products Affected...

6.1CVSS6AI score0.00765EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/27 4:29 a.m.3 views

Apache Cordova vulnerable to improper application of whitelist restrictions

Overview Apache Cordova provided by the Apache Software Foundation is a framework for creating mobile applications for various platforms. Android applications built using Apache Cordova contain a vulnerability where whitelist restrictions are not properly applied. Muneaki Nishimura of Sony Digita...

4.3CVSS6.8AI score0.04216EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/27 4:29 a.m.4 views

ManageEngine Firewall Analyzer fails to restrict access permissions

Overview ManageEngine Firewall Analyzer provided by Zoho Corporation is a log analytics and configuration management software for network security devices. ManageEngine Firewall Analyzer contains a vulnerability where access permissions are not restricted. Mukai Akihito, Hasegawa Tomoshige report...

7.5CVSS6.5AI score0.07097EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/27 4:28 a.m.11 views

ManageEngine Firewall Analyzer vulnerable to directory traversal

Overview ManageEngine Firewall Analyzer provided by Zoho Corporation is a log analytics and configuration management software for network security devices. ManageEngine Firewall Analyzer contains a directory traversal vulnerability. Mukai Akihito and Hasegawa Tomoshige reported this vulnerability...

6.5CVSS6.6AI score0.10631EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/27 12:0 a.m.32 views

JVN#18889193: Apache Cordova vulnerable to improper application of whitelist restrictions

Apache Cordova provided by the Apache Software Foundation is a framework for creating mobile applications for various platforms. Android applications built using Apache Cordova contain a vulnerability where whitelist restrictions are not properly applied. Impact Accessing a specially crafted URL...

4.3CVSS6.3AI score0.04216EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/27 12:0 a.m.26 views

JVN#21968837: ManageEngine Firewall Analyzer vulnerable to directory traversal

ManageEngine Firewall Analyzer provided by Zoho Corporation is a log analytics and configuration management software for network security devices. ManageEngine Firewall Analyzer contains a directory traversal vulnerability. Impact An authenticated attacker may be able to obtain arbitrary files on...

6.5CVSS6.5AI score0.10631EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/27 12:0 a.m.48 views

JVN#12991684: ManageEngine Firewall Analyzer fails to restrict access permissions

ManageEngine Firewall Analyzer provided by Zoho Corporation is a log analytics and configuration management software for network security devices. ManageEngine Firewall Analyzer contains a vulnerability where access permissions are not restricted. Impact An attacker may be able to obtain server...

7.5CVSS7.4AI score0.07097EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/20 4:38 a.m.1 views

Void vulnerable to cross-site scripting

Overview Void is an open source content management system CMS. Void contains a cross-site scripting vulnerability CWE-79. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA under Information Security Early Warning Partnership. Impact An arbitrary script may be...

4.3CVSS6AI score0.01786EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/20 4:31 a.m.5 views

ArcSight Management Center and ArcSight Logger vulnerable to cross-site scripting

Overview ArcSight Management Center and ArcSight Logger from Hewlett-Packard Development Company L.P. contain a stored cross-site scripting vulnerability CWE-79. Mukai Akihito reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

5CVSS5.9AI score0.01942EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/20 12:0 a.m.28 views

JVN#20649799: Void vulnerable to cross-site scripting

Void is an open source content management system CMS. Void contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an update Update to the latest version according to the information provided by the developer...

4.3CVSS5.8AI score0.01786EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/20 12:0 a.m.33 views

JVN#51046809: ArcSight Management Center and ArcSight Logger vulnerable to cross-site scripting

ArcSight Management Center and ArcSight Logger from Hewlett-Packard Development Company L.P. contain a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...

4.3CVSS5.6AI score0.01942EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/17 5:21 a.m.3 views

Kirby vulnerable to arbitrary file creation

Overview Kirby is a content management system CMS. Kirby contains a vulnerability that may allow a remote attacker to create arbitrary files. Yuji Tounai of NTT Com SecurityJapanKK reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warnin...

6.5CVSS7AI score0.01255EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/17 5:21 a.m.0 views

Gurunavi App for iOS fails to verify SSL server certificates

Overview Gurunavi App for iOS provided by Gurunavi, Inc. fails to verify SSL server certificates. AOKI Keiichi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack may allow an attacker...

5.9CVSS6.4AI score0.00953EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/17 5:20 a.m.4 views

applican vulnerable to script injection

Overview applican provided by Newphoria Corporation Inc. is a platform to build hybrid applications for both iOS and Android. applican is vulnerable to script injection due to an issue in proccessing URL. Note that this vulnerability is different from JVN71088919. Kenta Suefusa and Tomonori Shiom...

6.8CVSS6.9AI score0.01171EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/17 5:20 a.m.3 views

applican vulnerable to script injection

Overview applican provided by Newphoria Corporation Inc. is a platform to build hybrid applications for both iOS and Android. applican is vulnerable to script injection due to an issue in processing SSID. Note that this vulnerability is different from JVN64625488. Kenta Suefusa and Tomonori Shiom...

5.4CVSS7AI score0.01171EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/17 12:0 a.m.25 views

JVN#34780384: Kirby vulnerable to arbitrary file creation

Kirby is a content management system CMS. Kirby contains a vulnerability that may allow a remote attacker to create arbitrary files. Impact An arbitrary file created by a logged in attacker may result in arbitrary PHP code being executed on the server. Solution Update the Software Update to the...

6.5CVSS6.8AI score0.01255EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/17 12:0 a.m.31 views

JVN#71088919: applican vulnerable to script injection

applican provided by Newphoria Corporation Inc. is a platform to build hybrid applications for both iOS and Android. applican is vulnerable to script injection due to an issue in processing SSID. Impact When an application built using applican processes a specially crafted SSID, an arbitrary scri...

4.3CVSS6.2AI score0.01171EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/17 12:0 a.m.35 views

JVN#64625488: applican vulnerable to script injection

applican provided by Newphoria Corporation Inc. is a platform to build hybrid applications for both iOS and Android. applican is vulnerable to script injection due to an issue in proccessing URL. Impact When a user accesses a specially crafted URL through an application built using applican, an...

4.3CVSS6.2AI score0.01171EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/17 12:0 a.m.30 views

JVN#29141986: Gurunavi App for iOS fails to verify SSL server certificates

Gurunavi App for iOS provided by Gurunavi, Inc. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the...

5.9CVSS5.3AI score0.00953EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/13 5:25 a.m.3 views

pWebManager vulnerable to OS command injection

Overview pWebManager provided by PC-EGG Co.,Ltd. contains an OS command injection vulnerability CWE-78. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary OS command may be executed on t...

6.5CVSS7.3AI score0.01302EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/13 5:25 a.m.4 views

Apple OS X authentication issue when recovering from sleep mode

Overview Apple OS X contains an issue with authentication when recovering from sleep mode. This issue exists due to a flaw in the the processing of the text entered in the dialog box upon recovering from sleep mode. Masaki Katayama of Cyber Risks Laboratory Naviplus CO,Ltd. reported this...

3.7CVSS6.9AI score0.00335EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/13 12:0 a.m.30 views

JVN#25323093: pWebManager vulnerable to OS command injection

pWebManager provided by PC-EGG Co.,Ltd. contains an OS command injection vulnerability CWE-78. Impact An arbitrary OS command may be executed on the server by a user logged in with editor permissions. Solution Update the Software Update to the latest version according to the information provided ...

6.5CVSS6.9AI score0.01302EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/13 12:0 a.m.51 views

JVN#56210048: Apple OS X authentication issue when recovering from sleep mode

Apple OS X contains an issue with authentication when recovering from sleep mode. This issue exists due to a flaw in the the processing of the text entered in the dialog box upon recovering from sleep mode. Impact When Apple Remote Desktop is used in full screen mode and the remote connection is...

3.7CVSS6.5AI score0.00335EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/06 3:30 a.m.5 views

SonicWall TotalSecure TZ 100 Series vulnerable to denial-of-service (DoS)

Overview SonicWall TotalSecure TZ 100 Series is a firewall product provided by Dell Inc. SonicWall TotalSecure TZ 100 Series contains a denial-of-service DoS vulnerability. FFRI,Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

5CVSS6.5AI score0.02897EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/06 12:0 a.m.36 views

JVN#90135579: SonicWall TotalSecure TZ 100 Series vulnerable to denial-of-service (DoS)

SonicWall TotalSecure TZ 100 Series is a firewall product provided by Dell Inc. SonicWall TotalSecure TZ 100 Series contains a denial-of-service DoS vulnerability. Impact Processing a specially crafted packet may lead to a denial-of-service DoS. Solution Update the firmware Update to the latest...

5CVSS6.2AI score0.02897EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/05 5:11 a.m.7 views

Multiple TYPE-MOON games vulnerable to OS command injection

Overview Multiple games provided by TYPE-MOON contain an OS command injection vulnerability CWE-78 due to an issue in loading save data. KUSANO Kazuhiko reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact When...

10CVSS7.6AI score0.0372EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/05 12:0 a.m.38 views

JVN#80144272: Multiple TYPE-MOON games vulnerable to OS command injection

Multiple games provided by TYPE-MOON contain an OS command injection vulnerability CWE-78 due to an issue in loading save data. Impact When specially crafted save data is loaded, an arbitrary OS command may be executed. Solution Apply a Workaround The following workaround can mitigate the affects...

10CVSS6.9AI score0.0372EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/02 5:10 a.m.2 views

ISUCON5 qualifier portal web application (eventapp) vulnerable to OS command injection

Overview ISUCON5 qualifier portal web application eventapp provided by ISUCON organizers contains an OS command injection CWE-78 vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...

6.5CVSS7.8AI score0.02454EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/11/02 12:0 a.m.39 views

JVN#04281281: ISUCON5 qualifier portal web application (eventapp) vulnerable to OS command injection

ISUCON5 qualifier portal web application eventapp provided by ISUCON organizers contains an OS command injection CWE-78 vulnerability. Impact A logged in attacker may execute arbitrary OS commands on the server. Solution Update the Software Update to the latest version according to the informatio...

6.5CVSS7.5AI score0.02454EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/10/30 6:16 a.m.2 views

Multiple routers contain issue in preventing clickjacking attacks

Overview Multiple router products contain an issue in the protection against clickjacking attacks. Noriaki Iwasaki of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact If a user...

2.6CVSS6.5AI score
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/10/30 6:16 a.m.2 views

HTML::Scrubber vulnerable to cross-site scripting

Overview HTML::Scrubber is a Perl module for scrubbing/sanitizing html. HTML::Scrubber contains a cross-site scripting vulnerability CWE-79. Toshiharu Sugiyama and Ryo Murakami of DeNA Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securit...

2.6CVSS6AI score0.02092EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/10/30 12:0 a.m.16 views

JVN#48135658: Multiple routers contain issue in preventing clickjacking attacks

Multiple router products contain an issue in the protection against clickjacking attacks. Impact If a user views a malicious page while logged in, unintended operations may be conducted. Solution Apply a solution Solutions vary depending on the product. Apply the appropriate solution according to...

6.7AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/10/30 12:0 a.m.31 views

JVN#53973084: HTML::Scrubber vulnerable to cross-site scripting

HTML::Scrubber is a Perl module for scrubbing/sanitizing html. HTML::Scrubber contains a cross-site scripting vulnerability CWE-79. Impact If the function "comment" is enabled, an arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version...

2.6CVSS5.5AI score0.02092EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/10/29 4:46 a.m.5 views

Enisys Gw vulnerable to cross-site scripting

Overview Enisys Gw provided by Techno Project Japan Co. is an open source groupware. Enisys Gw contains a cross-site scripting vulnerability CWE-79. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...

4.3CVSS6AI score0.01171EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/10/29 4:46 a.m.3 views

Enisys Gw fails to restrict access permissions

Overview Enisys Gw provided by Techno Project Japan Co. is an open source groupware. Enisys Gw fails to restrict access permissions. Impact A remote unauthenticated attacker may be access to an arbitrary file uploaded on the product. Solution Update the Software Update to the latest version...

5CVSS7AI score0.01423EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2015/10/29 4:37 a.m.4 views

Enisys Gw vulnerable to arbitrary file creation

Overview Enisys Gw provided by Techno Project Japan Co. is an open source groupware. Enisys Gw contains a vulnerability that may allow a remote attacker to create arbitrary files. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

6.5CVSS7.1AI score0.01959EPSS
Exploits0References6
Total number of security vulnerabilities5625