JVN#86680970: Gazou BBS plus vulnerability in file upload processing
Gazou BBS plus provided by LEMON-S PHP contains a vulnerability in the processing of file uploads. Impact An image file may be specially crafted to upload arbitrary HTML files. Solution Apply an Update Apply the update according to the information provided by the provider. Products Affected Gazou...
Welcart vulnerable to SQL injection
Overview Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a SQL injection CWE-89 vulnerability due to the processing of changeSort parameter in admin.php. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...
Research Artisan Lite does not properly perform authentication
Overview Research Artisan Lite provided by Research Artisan Project is an access analysis tool. Research Artisan Lite does not properly perform authentication CWE-592. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer unde...
Research Artisan Lite vulnerable to cross-site scripting
Overview Research Artisan Lite provided by Research Artisan Project is an access analysis tool. Research Artisan Lite contains multiple cross-site scripting vulnerabilities CWE-79. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the...
Welcart vulnerable to cross-site scripting
Overview Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a cross-site scripting CWE-79 vulnerability due to the processing of uscesreferer parameter in admin.php. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the...
JVN#10559378: Research Artisan Lite does not properly perform authentication
Research Artisan Lite provided by Research Artisan Project is an access analysis tool. Research Artisan Lite does not properly perform authentication CWE-592. Impact An attacker may perform operations in Research Artisan Lite without logging into the system. Solution Update the Software Update to...
JVN#58020495: Research Artisan Lite vulnerable to cross-site scripting
Research Artisan Lite provided by Research Artisan Project is an access analysis tool. Research Artisan Lite contains multiple cross-site scripting vulnerabilities CWE-79. Impact There are two attack scenarios. 1. If a user views a malicious web page, an arbitrary script may be executed on the...
JVN#97971874: Welcart vulnerable to cross-site scripting
Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a cross-site scripting CWE-79 vulnerability due to the processing of uscesreferer parameter in admin.php. Impact If a user views a malicious page while logged into WordPress with this plugin...
JVN#92828286: Welcart vulnerable to SQL injection
Welcart provided by Collne Inc. is a WordPress plugin for creating shopping websites. Welcart contains a SQL injection CWE-89 vulnerability due to the processing of changeSort parameter in admin.php. Impact An attacker that can log in to WordPress with this plugin enabled may obtain or alter...
PHP for Windows vulnerable to OS command injection
Overview PHP for Windows contains an OS command injection due to a processing flaw in the escapeshellarg function. Masahiro Yamada reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact Specifying a specially craft...
JVN#73568461: PHP for Windows vulnerable to OS command injection
PHP for Windows contains an OS command injection due to a processing flaw in the escapeshellarg function. Impact Specifying a specially crafted parameter in the escapeshellarg function may result in an arbitrary OS command being executed. Solution Apply the patch Apply the patch according to the...
Thetis vulnerable to SQL injection
Overview Thetis provided by Sysphonic Co., Ltd. is an open source groupware and SNS. Thetis contains a SQL injection CWE-89 vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attack...
acmailer vulnerable to directory traversal
Overview acmailer provided by Seeds Co.,Ltd. contains a directory traversal CWE-22 vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An authenticated attacker may delete files on the...
JVN#64051989: acmailer vulnerable to directory traversal
acmailer provided by Seeds Co.,Ltd. contains a directory traversal CWE-22 vulnerability. Impact An authenticated attacker may delete files on the server. Solution Update the software Update to the latest version according to the information provided by the developer. Products Affected acmailer...
JVN#19011483: Thetis vulnerable to SQL injection
Thetis provided by Sysphonic Co., Ltd. is an open source groupware and SNS. Thetis contains a SQL injection CWE-89 vulnerability. Impact An attacker may obtain or alter information stored in the database. Solution Apply an Update Apply the update according to the information provided by the...
LINE@ vulnerable to script injection
Overview LINE@ provided by LINE Corporation is an application used to communicate with others. LINE@ is vulnerable to MITM (man-in-the-middle) attacks since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle)...
Simple Oekaki BBS vulnerable to cross-site scripting
Overview Simple Oekaki BBS provided by LEMON-S PHP contains a persistent cross-site scripting CWE-79 vulnerability due to the processing of oekakis parameter in index.php. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
Simple Oekaki BBS vulnerability where arbitrary files may be deleted
Overview Simple Oekaki BBS provided by LEMON-S PHP contains a flaw in parsing the oekakis parameter in index.php, which may allow a remote attacker to delete arbitrary files. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
JVN#67540183: Simple Oekaki BBS vulnerable to cross-site scripting
Simple Oekaki BBS provided by LEMON-S PHP contains a persistent cross-site scripting CWE-79 vulnerability due to the processing of oekakis parameter in index.php. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version...
JVN#22546110: LINE@ vulnerable to script injection
LINE@ provided by LINE Corporation is an application used to communicate with others. LINE@ is vulnerable to MITM (man-in-the-middle) attacks since the application allows non-SSL/TLS communications. As a result, any API may be invoked from a script injected by a MITM (man-in-the-middle) attacker...
JVN#61935381: Simple Oekaki BBS vulnerability where arbitrary files may be deleted
Simple Oekaki BBS provided by LEMON-S PHP contains a flaw in parsing the oekakis parameter in index.php, which may allow a remote attacker to delete arbitrary files. Impact A remote attacker may delete arbitrary files on the server. Solution Update the Software Update to the latest version...
Cacti vulnerable to cross-site scripting
Overview Cacti is a web application that graphs stored data collected from network devices. Cacti contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing parameters in graphview.php. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IP...
Cacti vulnerable to cross-site request forgery
Overview Cacti is a web application that graphs stored data collected from network devices. Cacti contains a cross-site request forgery vulnerability CWE-352. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
Cacti vulnerable to cross-site scripting
Overview Cacti is a web application that graphs stored data collected from network devices. Cacti contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing parameters in settings.php. Daiki Fukumori of Cyber Defense Institute, Inc. and Masako Ohno reported this vulnerabilit...
JVN#09758120: Cacti vulnerable to cross-site scripting
Cacti is a web application that graphs stored data collected from network devices. Cacti contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing parameters in graphview.php. Impact If a user views a malicious page while logged in, an arbitrary script may be executed on th...
JVN#78187936: Cacti vulnerable to cross-site scripting
Cacti is a web application that graphs stored data collected from network devices. Cacti contains a cross-site scripting vulnerability CWE-79 due to a flaw in processing parameters in settings.php. Impact If a user views a malicious page while logged in, an arbitrary script may be executed on the...
JVN#55076671: Cacti vulnerable to cross-site request forgery
Cacti is a web application that graphs stored data collected from network devices. Cacti contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the software Update to the latest...
Explorer+ File Manager vulnerable to directory traversal
Overview Explorer+ File Manager provided by Droidware UK contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...
OpenEMR vulnerable to authentication bypass
Overview OpenEMR is an electronic health records and medical practice management application. OpenEMR contains an authentication bypass vulnerability CWE-302. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#77386811: Explorer+ File Manager vulnerable to directory traversal
Explorer+ File Manager provided by Droidware UK contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application has...
JVN#22677713: OpenEMR vulnerable to authentication bypass
OpenEMR is an electronic health records and medical practice management application. OpenEMR contains an authentication bypass vulnerability CWE-302. Impact Sensitive information may be obtained by a remote attacker who can access the web interface of the product. Solution Update the software and...
osCommerce Japanese version vulnerable to directory traversal
Overview osCommerce is an open source system for creating shopping websites. osCommerce Japanese version contains a directory traversal vulnerability. Masako Ohno reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...
namshi/jose fails to verify token signatures
Overview namshi/jose is a PHP library for handling JSON Web Tokens (JWT). namshi/jose contains a vulnerability in processing JWT headers where it fails to verify token signatures. Toshiharu Sugiyama of DeNA Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
JVN#96312698: osCommerce Japanese version vulnerable to directory traversal
osCommerce is an open source system for creating shopping websites. osCommerce Japanese version contains a directory traversal vulnerability. Impact A user who can log in to the system as an administrator may obtain arbitrary files on the server. Solution Update the Software Update to the latest...
JVN#25336719: namshi/jose fails to verify token signatures
namshi/jose is a PHP library for handling JSON Web Tokens (JWT). namshi/jose contains a vulnerability in processing JWT headers where it fails to verify token signatures. Impact Specially crafted tokens may be validated as token data with valid signatures. Solution Update the Software Update to the...
Symfony vulnerable to code injection
Overview Symfony is an open source web application framework provided by SensioLabs. Symfony contains a code injection vulnerability. Applications with ESI support enabled and using the Symfony built-in reverse proxy (the HttpCache class) are affected. Takeshi Terada of Mitsui Bussan Secure...
JVN#19578958: Symfony vulnerable to code injection
Symfony is an open source web application framework provided by SensioLabs. Symfony contains a code injection vulnerability. Applications with ESI support enabled and using the Symfony built-in reverse proxy (the HttpCache class) are affected. Impact Arbitrary PHP code may be executed on the server...
Ruby on Rails library Paperclip vulnerable to cross-site scripting
Overview Paperclip provided by thoughtbot is a library to upload files in Ruby on Rails. Paperclip contains a persistent cross-site scripting vulnerability CWE-79. MORI Shingo of DeNA Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
JVN#83881261: Ruby on Rails library Paperclip vulnerable to cross-site scripting
Paperclip provided by thoughtbot is a library to upload files in Ruby on Rails. Paperclip contains a persistent cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to t...
MilkyStep fails to restrict access permissions
Overview MilkyStep provided by Igreks Inc. is a CGI for e-mail newsletter distribution management. MilkyStep fails to restrict access permissions against the management function for user information CWE-284. Note that this vulnerability is different from JVN16409640 or JVN74280258. Kusano Kazuhik...
BloBee vulnerable to arbitrary file creation
Overview BloBee provided by CGI RESCUE is bulletin board software. BloBee contains a vulnerability that may allow a remote attacker to create arbitrary files CWE-20. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
LoadLibrary function in Microsoft Windows fails to validate input properly
Overview The LoadLibrary function in Microsoft Windows fails to validate input properly. As a result, it may load a specially crafted DLL file CWE-114. Takashi Yoshikawa of Mitsui Bussan Secure Directions reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informati...
JVN#18146081: LoadLibrary function in Microsoft Windows fails to validate input properly
The LoadLibrary function in Microsoft Windows fails to validate input properly. As a result, it may load a specially crafted DLL file CWE-114. Impact Arbitrary code may be executed as a result of an application loading a specially crafted DLL file. Solution Update the Software This issue was...
JVN#19732015: MilkyStep fails to restrict access permissions
MilkyStep provided by Igreks Inc. is a CGI for e-mail newsletter distribution management. MilkyStep fails to restrict access permissions against the management function for user information CWE-284. Impact A non-administrative user may be able to change administrative user credentials. Solution...
JVN#24336273: BloBee vulnerable to arbitrary file creation
BloBee provided by CGI RESCUE is bulletin board software. BloBee contains a vulnerability that may allow a remote attacker to create arbitrary files CWE-20. Impact An arbitrary file created by an attacker may result in arbitrary code being executed on the server. Solution Update the Software...
MilkyStep fails to restrict access permissions
Overview MilkyStep provided by Igreks Inc. fails to restrict access permissions. Note that this vulnerability is different from JVN16409640. MilkyStep provided by Igreks Inc. is a CGI for e-mail newsletter distribution management. MilkyStep fails to restrict access permissions CWE-264. Kusano...
MilkyStep vulnerable to cross-site scripting
Overview MilkyStep provided by Igreks Inc. contains a cross-site scripting vulnerability. MilkyStep provided by Igreks Inc. is a CGI for e-mail newsletter distribution management. MilkyStep contains a cross-site scripting vulnerability CWE-79. Kusano Kazuhiko reported this vulnerability to IPA...
MilkyStep vulnerable to SQL injection
Overview MilkyStep provided by Igreks Inc. contains a SQL injection vulnerability. MilkyStep provided by Igreks Inc. is a CGI for e-mail newsletter distribution management. MilkyStep contains a SQL injection vulnerability CWE-89. Kusano Kazuhiko reported this vulnerability to IPA. JPCERT/CC...
MilkyStep vulnerable to OS command injection
Overview MilkyStep provided by Igreks Inc. is a CGI for e-mail newsletter distribution management. MilkyStep contains an OS command injection vulnerability CWE-78. Kusano Kazuhiko reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
MilkyStep vulnerable to cross-site request forgery
Overview MilkyStep provided by Igreks Inc. is a CGI for e-mail newsletter distribution management. MilkyStep contains a cross-site request forgery vulnerability CWE-352. Kusano Kazuhiko reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...