Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/04 5:49 a.m.•2 views

Maroyaka Image Album vulnerable to cross-site scripting

Overview Maroyaka Image Album provided by Maroyaka CGI is a CGI script for placing image files within a website. Maroyaka Image Album contains a cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/04 5:48 a.m.•0 views

Maroyaka Simple Board vulnerable to cross-site scripting

Overview Maroyaka Simple Board provided by Maroyaka CGI is a CGI script for posting text into a website. Maroyaka Simple Board contains a persistent cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securi...

5CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/04 12:0 a.m.•32 views

JVN#09871547: Maroyaka Image Album vulnerable to cross-site scripting

Maroyaka Image Album provided by Maroyaka CGI is a CGI script for placing image files within a website. Maroyaka Image Album contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest versi...

4.3CVSS6AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/04 12:0 a.m.•28 views

JVN#91016415: Maroyaka Relay Novel vulnerable to cross-site scripting

Maroyaka Relay Novel provided by Maroyaka CGI is a CGI script for posting text into a website. Maroyaka Relay Novel contains a persistent cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest...

4.3CVSS6AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/04 12:0 a.m.•35 views

JVN#63687798: Maroyaka Simple Board vulnerable to cross-site scripting

Maroyaka Simple Board provided by Maroyaka CGI is a CGI script for posting text into a website. Maroyaka Simple Board contains a persistent cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest...

4.3CVSS6AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/03 4:39 a.m.•2 views

Google Captcha (reCAPTCHA) by BestWebSoft vulnerable to CAPTCHA authentication bypass

Overview Google Captcha reCAPTCHA by BestWebSoft is a plugin for WordPress. Google Captcha reCAPTCHA by BestWebSoft contains a CAPTCHA authentication bypass vulnerability CWE-254. Impact If this vulnerability is exploited, an attacker may be able to successfully login to WordPress and access an...

5CVSS6.8AI score0.02351EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/03 4:38 a.m.•4 views

BestWebSoft Captcha plugin vulnerable to CAPTCHA authentication bypass

Overview Captcha provided by BestWebSoft is a plugin for WordPress. Captcha contains a CAPTCHA authentication bypass vulnerability CWE-254. Impact If this vulnerability is exploited, an attacker may be able to successfully login to WordPress and access an administrative interface without...

5CVSS6.8AI score0.02351EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/03 12:0 a.m.•37 views

JVN#55063777: Google Captcha (reCAPTCHA) by BestWebSoft vulnerable to CAPTCHA authentication bypass

Google Captcha reCAPTCHA by BestWebSoft is a plugin for WordPress. Google Captcha reCAPTCHA by BestWebSoft contains a CAPTCHA authentication bypass vulnerability CWE-254. Impact If this vulnerability is exploited, an attacker may be able to successfully login to WordPress and access an...

5CVSS6.4AI score0.02351EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/03/03 12:0 a.m.•42 views

JVN#93727681: BestWebSoft Captcha plugin vulnerable to CAPTCHA authentication bypass

Captcha provided by BestWebSoft is a plugin for WordPress. Captcha contains a CAPTCHA authentication bypass vulnerability CWE-254. Impact If this vulnerability is exploited, an attacker may be able to successfully login to WordPress and access an administrative interface without authentication...

5CVSS6.4AI score0.02351EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 6:57 a.m.•3 views

Cross-site Scripting Vulnerability in Hitachi IT Operations Analyzer

Overview A cross-site scripting vulnerability was found in the online help of Hitachi IT Operations Analyzer. Impact Remote users can exploit a cross-site scripting vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasur...

4.3CVSS6.2AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 6:56 a.m.•2 views

Cross-site Scripting Vulnerability in JP1/IT Desktop Management - Manager and Hitachi IT Operations Director

Overview A cross-site scripting vulnerability was found in the online help of JP1/IT Desktop Management - Manager and Hitachi IT Operations Director. Impact Remote users can exploit a cross-site scripting vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information...

4.3CVSS6.2AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 6:55 a.m.•2 views

Multiple Cross-site Scripting Vulnerabilities in Hitachi Compute Systems Manager

Overview Multiple cross-site scripting vulnerabilities were found in Hitachi Compute Systems Manager. Impact Remote users can exploit multiple cross-site scripting vulnerabilities to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasu...

4.3CVSS6.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 6:39 a.m.•2 views

SEIL Series routers vulnerable to denial-of-service (DoS)

Overview The PPP Access Concentrator PPPAC in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to a flaw in processing SSTP packets. Impact Receiving a specially crafted SSTP packet may result in the device becoming unresponsive...

7.1CVSS6.8AI score0.01531EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 5:3 a.m.•1 views

Vulnerability in the jBCrypt key stretching process

Overview jBCrypt is a Java implementation to compute password hashes. jBCrypt contains an integer overflow vulnerability in the key stretching process. An integer overflow occurs when the parameter for the repetition count is set to the maximum value allowed, 31. Norito AGETSUMA reported this...

5CVSS7AI score0.04803EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 5:2 a.m.•3 views

KENT-WEB Clip Board vulnerability where arbitary files may be deleted

Overview Clip Board provided by KENT-WEB is a bulletin board software that allows users to upload binary files such as image files. KENT-WEB Clip Board contains a vulnerability that may allow a remote attacker to delete arbitrary files. Shoji Baba reported this vulnerability to IPA. JPCERT/CC...

6.4CVSS6.9AI score0.01511EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 4:57 a.m.•4 views

Joyful Note vulnerability in handling files

Overview Joyful Note from KENT-WEB is a bulletin board software that allows users to upload binary files such as image files. Joyful Note contains a vulnerability in handling files. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

7.5CVSS7.2AI score0.02622EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 3:30 a.m.•1 views

checkpw vulnerable to denial-of-service (DoS)

Overview checkpw is a password authentication program. checkpw contains a denial-of-service DoS vulnerability due to a flaw in processing account names CWE-400. Hiroya Ito of GMO Pepabo, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

5CVSS6.9AI score0.02427EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 12:0 a.m.•143 views

JVN#88862608: Joyful Note vulnerability in handling files

Joyful Note from KENT-WEB is a bulletin board software that allows users to upload binary files such as image files. Joyful Note contains a vulnerability in handling files. Impact A remote attacker may create arbitrary files or delete existing files on the server. As a result, arbitrary code may ...

7.5CVSS6.9AI score0.02622EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 12:0 a.m.•34 views

JVN#77718330: Vulnerability in the jBCrypt key stretching process

jBCrypt is a Java implementation to compute password hashes. jBCrypt contains an integer overflow vulnerability in the key stretching process. An integer overflow occurs when the parameter for the repetition count is set to the maximum value allowed, 31. Impact When the hash value for a password ...

5CVSS5.4AI score0.04803EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 12:0 a.m.•30 views

JVN#34790526: checkpw vulnerable to denial-of-service (DoS)

checkpw is a password authentication program. checkpw contains a denial-of-service DoS vulnerability due to a flaw in processing account names CWE-400. Impact A remote attacker may be able to cause a denial-of-service DoS. Solution Update the Software Update to the latest version according to the...

5CVSS6.2AI score0.02427EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 12:0 a.m.•36 views

JVN#63949115: SEIL Series routers vulnerable to denial-of-service (DoS)

The PPP Access Concentrator PPPAC in SEIL Series routers provided by Internet Initiative Japan Inc. contain a denial-of-service DoS vulnerability due to a flaw in processing SSTP packets. Impact Receiving a specially crafted SSTP packet may result in the device becoming unresponsive. Solution...

7.1CVSS6.5AI score0.01531EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/27 12:0 a.m.•32 views

JVN#62298871: KENT-WEB Clip Board vulnerability where arbitary files may be deleted

Clip Board provided by KENT-WEB is a bulletin board software that allows users to upload binary files such as image files. KENT-WEB Clip Board contains a vulnerability that may allow a remote attacker to delete arbitrary files. Impact A remote attacker may delete arbitrary files on the server...

6.4CVSS6.5AI score0.01511EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/25 6:9 a.m.•3 views

Zen Cart Japanese version vulnerable to cross-site scripting

Overview Zen Cart is an open source system for creating shopping websites. Zen Cart Japanese version contains a cross-site scripting vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact ...

4.3CVSS6AI score0.02188EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/25 6:0 a.m.•2 views

SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution

Overview Mailform Pro CGI provided by SYNCK GRAPHICA contains a flaw in the process of sending emails, which may result in an arbitrary code execution. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

6.8CVSS7.5AI score0.02293EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/25 12:0 a.m.•34 views

JVN#44544694: Zen Cart Japanese version vulnerable to cross-site scripting

Zen Cart is an open source system for creating shopping websites. Zen Cart Japanese version contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the web browser of a user who is logged on as an administrator. Solution For Zen Cart v1.5 ja variants: Update t...

4.3CVSS6AI score0.02188EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/25 12:0 a.m.•34 views

JVN#30135729: SYNCK GRAPHICA Mailform Pro CGI vulnerable to remote code execution

Mailform Pro CGI provided by SYNCK GRAPHICA contains a flaw in the process of sending emails, which may result in an arbitrary code execution. Impact Arbitrary code may be executed on the server. Solution Update the Software Update to the latest version according to the information provided by th...

6.8CVSS6.6AI score0.02293EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/24 5:35 a.m.•1 views

Speed Software Root Explorer and Explorer vulnerable to directory traversal

Overview Root Explorer and Explorer provided by Speed Software contain an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the develop...

5CVSS7AI score0.01639EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/24 12:0 a.m.•27 views

JVN#42768331: Speed Software Root Explorer and Explorer vulnerable to directory traversal

Root Explorer and Explorer provided by Speed Software contain an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Impact A remote, unauthenticated attacker may create an arbitrary file or overwrite an existing file in a directory that the application...

5CVSS6.6AI score0.01639EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/20 5:55 a.m.•2 views

AL-Mail32 vulnerable to buffer overflow

Overview AL-Mail32 provided by CREAR Corporation is an email client for Windows. AL-Mail32 contains a buffer overflow vulnerability due to a flaw in processing attachments. Impact When an attachment with specially crafted file name is processed, arbitrary code may be executed. Solution Update the...

6.8CVSS7.5AI score0.02676EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/20 5:55 a.m.•3 views

Squid input validation vulnerability

Overview Squid contains a vulnerability where inputs are not properly validated. Squid is a caching proxy server. Squid contains a vulnerability where server responses that contain invalid values in the Content-Length of the HTTP header are sent to the client. Kazuho Oku reported this vulnerabili...

4.3CVSS6.7AI score0.04507EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/20 5:54 a.m.•2 views

AL-Mail32 vulnerable to denial-of-service (DoS)

Overview AL-Mail32 provided by CREAR Corporation is an email client for Windows. AL-Mail32 contains a denial-of-service DoS vulnerability due to a flaw in processing attachments. Yosuka HASEGAWA of NetAgent Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer unde...

4.3CVSS6.5AI score0.01321EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/20 5:37 a.m.•2 views

AL-Mail32 vulnerable to directory traversal

Overview AL-Mail32 provided by CREAR Corporation is an email client for Windows. AL-Mail32 contains a directory traversal vulnerability due to a flaw in processing attachments. Yosuka HASEGAWA of NetAgent Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5.8CVSS6.6AI score0.01569EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/20 12:0 a.m.•24 views

JVN#77294617: AL-Mail32 vulnerable to directory traversal

AL-Mail32 provided by CREAR Corporation is an email client for Windows. AL-Mail32 contains a directory traversal vulnerability due to a flaw in processing attachments. Impact Processing an attachment with a specially crafted file name may result in creation of an arbitrary file or an overwrite of...

5.8CVSS6.4AI score0.01569EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/20 12:0 a.m.•39 views

JVN#93318392: AL-Mail32 vulnerable to buffer overflow

AL-Mail32 provided by CREAR Corporation is an email client for Windows. AL-Mail32 contains a buffer overflow vulnerability due to a flaw in processing attachments. Impact When an attachment with specially crafted file name is processed, arbitrary code may be executed. Solution Update the Software...

6.8CVSS7.2AI score0.02676EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/20 12:0 a.m.•32 views

JVN#55365709: AL-Mail32 vulnerable to denial-of-service (DoS)

AL-Mail32 provided by CREAR Corporation is an email client for Windows. AL-Mail32 contains a denial-of-service DoS vulnerability due to a flaw in processing attachments. Impact Processing an attachment with a specially crafted file name may cause the software to become unresponsive. Solution Upda...

4.3CVSS6.2AI score0.01321EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/20 12:0 a.m.•31 views

JVN#64455813: Squid input validation vulnerability

Squid is a caching proxy server. Squid contains a vulnerability where server responses that contain invalid values in the Content-Length of the HTTP header are sent to the client. Impact If a HTTP response with a specially crafted header is processed, it may result in a HTTP response splitting...

4.3CVSS7.4AI score0.04507EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/17 5:21 a.m.•3 views

C-BOARD Moyuku vulnerable to arbitrary file creation

Overview C-BOARD Moyuku is a bulletin board software. C-BOARD Moyuku contains a vulnerability that may allow a remote attacker to create arbitrary files. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

7.5CVSS7.6AI score0.02673EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/17 5:20 a.m.•4 views

Saurus CMS Community Edition vulnerable to cross-site scripting

Overview Saurus CMS Community Edition is open source software to manage and build websites. Saurus CMS Community Edition contains multiple cross-site scripting vulnerabilities. Yuji Tounai of NTT Com Security reported these vulnerabilities to IPA. JPCERT/CC coordinated with the developer under...

4.3CVSS6.5AI score0.01786EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/17 12:0 a.m.•30 views

JVN#73261710: C-BOARD Moyuku vulnerable to arbitrary file creation

C-BOARD Moyuku is a bulletin board software. C-BOARD Moyuku contains a vulnerability that may allow a remote attacker to create arbitrary files. Impact A remote attacker creating arbitrary files may result in arbitrary code execution on the server. Solution Update the Software Update to the lates...

7.5CVSS7.2AI score0.02673EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/17 12:0 a.m.•36 views

JVN#18387086: Saurus CMS Community Edition vulnerable to cross-site scripting

Saurus CMS Community Edition is open source software to manage and build websites. Saurus CMS Community Edition contains multiple cross-site scripting vulnerabilities. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Apply the appropriate update...

4.3CVSS5.9AI score0.01786EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/16 2:21 a.m.•1 views

Cross-site Scripting Vulnerability in Hitachi Application Server Help

Overview Hitachi Application Server Help contains a cross-site scripting vulnerability. Impact A remote attacker can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

4.3CVSS6.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/16 2:12 a.m.•3 views

Cross-site Scripting Vulnerability in Hitachi Command Suite Products

Overview The online help of Hitachi Command Suite Products contains a cross-site scripting vulnerability. Impact A remote attacker can exploit this vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take...

4.3CVSS6.5AI score0.01148EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/13 5:33 a.m.•3 views

Smartphone Passbook for Android information management vulnerability

Overview Smartphone Passbook for Android contains an issue where user inputs are output into a log file. Hiroshi Kumagai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact Other android applications with...

2.6CVSS6.4AI score0.00401EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/13 5:32 a.m.•3 views

Smartphone Passbook fails to verify SSL server certificates

Overview Smartphone Passbook provided by Ogaki Kyoritsu bank Ltd. fails to verify SSL server certificates. Hiroshi Kumagai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack may allow...

5.9CVSS6.5AI score0.00828EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/13 4:58 a.m.•1 views

PerlTreeBBS vulnerable to cross-site scripting

Overview PerlTreeBBS from Homepage Decorator is a tree-structured bulletin board software. PerlTreeBBS contains a persistent cross-site scripting vulnerability CWE-79. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

5CVSS6AI score0.00942EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/13 4:58 a.m.•4 views

shiromuku(u1)GUESTBOOK vulnerable to cross-site scripting

Overview shiromukuu1GUESTBOOK from Perl CGI's By Mrs. Shiromuku is a bulletin board software. shiromukuu1GUESTBOOK contains a cross-site scripting vulnerability. Koki Takahashi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

4.3CVSS6.1AI score0.00931EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/13 12:0 a.m.•37 views

JVN#48659722: Smartphone Passbook for Android information management vulnerability

Smartphone Passbook for Android contains an issue where user inputs are output into a log file. Impact Other android applications with permissions to read system log files may obtain information entered by a user. Solution Update the Software Update to the latest version according to the...

1.8CVSS6.2AI score0.00401EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/13 12:0 a.m.•35 views

JVN#14522790: Smartphone Passbook fails to verify SSL server certificates

Smartphone Passbook provided by Ogaki Kyoritsu bank Ltd. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by...

5.9CVSS5.5AI score0.00828EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/10 12:0 a.m.•32 views

JVN#96155055: PerlTreeBBS vulnerable to cross-site scripting

PerlTreeBBS from Homepage Decorator is a tree-structured bulletin board software. PerlTreeBBS contains a persistent cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according ...

4.3CVSS5.9AI score0.00942EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2015/02/05 12:0 a.m.•43 views

JVN#17480391: shiromuku(u1)GUESTBOOK vulnerable to cross-site scripting

shiromukuu1GUESTBOOK from Perl CGI's By Mrs. Shiromuku is a bulletin board software. shiromukuu1GUESTBOOK contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...

4.3CVSS5.9AI score0.00931EPSS
Exploits0
Total number of security vulnerabilities5625