Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/20 12:0 a.m.•27 views

JVN#38790987: EC-CUBE vulnerable to cross-site scripting

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a vulnerability in processing the output of error messages, which may lead to cross-site scripting. Impact An arbitrary script may be executed on the user's web browser. Solution Apply the updat...

4.3CVSS6.1AI score0.01207EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/20 12:0 a.m.•30 views

JVN#06377589: EC-CUBE vulnerable to cross-site scripting

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply the update or the patch Apply the update or the patch according to the...

4.3CVSS6AI score0.01883EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/20 12:0 a.m.•30 views

JVN#11221613: EC-CUBE vulnerable to cross-site request forgery

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged in, unintended operations may be conducted. Solution Apply the update or the patch Apply the upda...

6.8CVSS6.3AI score0.01079EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/20 12:0 a.m.•39 views

JVN#61077110: EC-CUBE vulnerable to information disclosure

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a vulnerability in processing the output of error logs, which may lead to information disclosure. Impact A user who visits the shopping site may view the information managed by the website owner...

4.3CVSS6AI score0.01309EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/20 12:0 a.m.•29 views

JVN#06870202: EC-CUBE information disclosure vulnerability

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an information disclosure vulnerability. Impact When the server receives a specially crafted request, the absolute path of the product on the server may be obtained. Solution Apply the update or...

5CVSS6.2AI score0.01504EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/15 6:54 a.m.•6 views

ASP.NET vulnerable to open redirect

Overview ASP.NET provided by Microsoft contains an open redirect vulnerability due to an issue in the login component. ASP.NET provided by Microsoft contains an open redirect vulnerability due to an issue in the login component. Therefore a web application that implements ASP.NET may be vulnerabl...

6.8CVSS6.6AI score0.24138EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/15 12:0 a.m.•55 views

JVN#71256611: ASP.NET vulnerable to open redirect

ASP.NET provided by Microsoft contains an open redirect vulnerability due to an issue in the login component. Therefore a web application that implements ASP.NET may be vulnerable. Impact The user who accesses the web application that implements ASP.NET may be redirected to an arbitrary website. ...

6.8CVSS6AI score0.24138EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/12 5:33 a.m.•3 views

Ichitaro series vulnerable to arbitrary code execution

Overview The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. This vulnerability differs from other issues that were previously published on JVN. For more information, please refer to the developer's website...

9.3CVSS7.6AI score0.04587EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/12 12:0 a.m.•40 views

JVN#44999463: Ichitaro series vulnerable to arbitrary code execution

The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. For more information, please refer to the developer's website. Impact When a user opens a specially crafted file, arbitrary code may be executed. Solution...

9.3CVSS7AI score0.04587EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/07 5:3 a.m.•2 views

Page Scroller vulnerable to cross-site scripting

Overview The ZIP archive for Page Scroller contains an issue where it includes a version of jQuery that is vulnerable to cross-site scripting. Page Scroller from coliss is a script that uses jQuery. In addition to Page Scroller being avaliable just as a script, it is also available as a ZIP archi...

4.3CVSS5.7AI score
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/07 4:59 a.m.•1 views

TOWN (modified version) vulnerable to cross-site scripting

Overview TOWN modified version contains a cross-site scripting vulnerability. TOWN modified version provided by Tattyan's HP contains a cross-site scripting vulnerability. Yu Yagihashi of Keiji Takeda Lab, Keio University reported this vulnerability to IPA. JPCERT/CC coordinated with the develope...

4.3CVSS6.1AI score0.01161EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/07 12:0 a.m.•54 views

JVN#28467717: Page Scroller vulnerable to cross-site scripting

Page Scroller from coliss is a script that uses jQuery. In addition to Page Scroller being avaliable just as a script, it is also available as a ZIP archive that includes jQuery and demo files. The jQuery included in the ZIP archive contains a known cross-site scripting vulnerability CVE-2011-496...

4.3CVSS6.1AI score0.19191EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/07 12:0 a.m.•31 views

JVN#12513975: TOWN (modified version) vulnerable to cross-site scripting

TOWN modified version provided by Tattyan's HP contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an update Update to the latest version according to the information provided by the developer. Products Affected TOWN...

4.3CVSS5.9AI score0.01161EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/05 6:11 a.m.•2 views

Tiki Wiki CMS Groupware vulnerable to SQL injection

Overview Tiki Wiki CMS Groupware Tiki is a content management system CMS. Tiki contains a SQL injection vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary SQL...

7.5CVSS8AI score0.01868EPSS
Exploits1References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/05 6:5 a.m.•3 views

Tiki Wiki CMS Groupware vulnerable to cross-site scripting

Overview Tiki Wiki CMS Groupware Tiki is a content management system CMS. Tiki contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...

4.3CVSS6.1AI score0.01156EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/05 12:0 a.m.•21 views

JVN#75720314: Tiki Wiki CMS Groupware vulnerable to SQL injection

Tiki Wiki CMS Groupware Tiki is a content management system CMS. Tiki contains a SQL injection vulnerability. Impact An arbitrary SQL command may be executed in the database the product is referencing. Solution Apply an Update Apply the appropriate update for the version of the software being use...

7.5CVSS7.4AI score0.01868EPSS
Exploits1
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/11/05 12:0 a.m.•29 views

JVN#81813850: Tiki Wiki CMS Groupware vulnerable to cross-site scripting

Tiki Wiki CMS Groupware Tiki is a content management system CMS. Tiki contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the web browser of an user who is logged in. Solution Apply an Update Apply the appropriate update for the version of the software bei...

4.3CVSS6AI score0.01156EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/30 7:32 a.m.•0 views

Use-after-free vulnerability in multiple products that use International Components for Unicode (ICU)

Overview Multiple products that use International Components for Unicode ICU contain a use-after-free vulnerability. International Components for Unicode ICU is a library for handling Unicode strings. A C version, ICU4C and a Java version, ICU4J are available. Multiple products that use ICU4C...

7.5CVSS9.1AI score0.02531EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/30 7:8 a.m.•1 views

Multiple products that use International Components for Unicode (ICU) vulnerable to denial-of-service (DoS)

Overview Multiple products that use International Components for Unicode ICU contain a denial-of-service DoS vulnerability. International Components for Unicode ICU is a library for handling Unicode strings. A C version, ICU4C and a Java version ICU4J are available. Multiple products that use ICU...

6.8CVSS8.9AI score0.01339EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/30 12:0 a.m.•36 views

JVN#85336306: Use-after-free vulnerability in multiple products that use International Components for Unicode (ICU)

International Components for Unicode ICU is a library for handling Unicode strings. A C version, ICU4C and a Java version, ICU4J are available. Multiple products that use ICU4C contain a use-after-free vulnerability. ICU released ICU4C version 52.1 that addresses this vulnerability on October 9,...

7.5CVSS9.3AI score0.02531EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/30 12:0 a.m.•29 views

JVN#70739377: Multiple products that use International Components for Unicode (ICU) vulnerable to denial-of-service (DoS)

International Components for Unicode ICU is a library for handling Unicode strings. A C version, ICU4C and a Java version ICU4J are available. Multiple products that use ICU4C contain a denial-of-service vulnerability due to a race condition. ICU released ICU4C version 50.1.1 that addresses this...

6.8CVSS6.1AI score0.01339EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/29 5:40 a.m.•2 views

RockDisk vulnerable to cross-site scripting

Overview RockDisk provided by I-O DATA DEVICE, INC. are LAN connectable hard disk drives. RockDisk contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

4CVSS6.3AI score0.01402EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/29 12:0 a.m.•31 views

JVN#74608669: RockDisk vulnerable to cross-site scripting

RockDisk provided by I-O DATA DEVICE, INC. are LAN connectable hard disk drives. RockDisk contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Firmware Apply the firmware update provided by the developer. Products...

5.4CVSS5.3AI score0.01402EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/18 5:30 a.m.•2 views

HDL-A and HDL2-A Series vulnerable in session management

Overview HDL-A and HDL2-A Series provided by I-O DATA DEVICE, INC. are LAN connectable hard disk drives. HDL-A and HDL2-A Series contain a vulnerability related to the management of sessions. Kazuki Hirota of Keio University Keiji Takeda Research Group reported this vulnerability to IPA. JPCERT/C...

6.8CVSS6.8AI score0.02021EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/18 12:0 a.m.•36 views

JVN#52509236: HDL-A and HDL2-A Series vulnerable in session management

HDL-A and HDL2-A Series provided by I-O DATA DEVICE, INC. are LAN connectable hard disk drives. HDL-A and HDL2-A Series contain a vulnerability related to the management of sessions. Impact A remote unauthenticated attacker may impersonate a user. As a result, information may be disclosed or...

6.8CVSS6.6AI score0.02021EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/04 3:36 a.m.•2 views

Accela BizSearch vulnerable to cross-site scripting

Overview Accela BizSearch provided by Accela Technology Corporation is an enterprise search system. Accela BizSearch contains a cross-site scripting vulnerability. Yuji Tounai of bogus.jp reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...

4.3CVSS6.1AI score0.01792EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/04 12:0 a.m.•39 views

JVN#33788325: Accela BizSearch vulnerable to cross-site scripting

Accela BizSearch provided by Accela Technology Corporation is an enterprise search system. Accela BizSearch contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply a patch Apply the patch according to the information...

4.3CVSS6AI score0.01792EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/03 10:26 a.m.•2 views

Arbitrary Commands Execution Vulnerability in JP1/Base

Overview The JP1/Base contains a vulnerability where arbitrary commands may be executed when it receives request messages from unexpected hosts in the network. Impact Malicious users can exploit this vulnerability to execute arbitrary commands by sending request messages from an unexpected host...

8.3CVSS7.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/10/03 10:24 a.m.•6 views

Arbitrary Commands Execution Vulnerability in JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2

Overview The JP1/Automatic Job Management System 3 and JP1/Automatic Job Management System 2 contain a vulnerability where arbitrary commands may be executed when they receive request messages from unexpected hosts in the network. Impact Malicious users can exploit this vulnerability to execute...

8.3CVSS7.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/27 5:51 a.m.•1 views

Multiple vulnerabilities in Java bundled with Hitachi JP1/Cm2/Network Node Manager i

Overview The Java bundled with Hitachi JP1/Cm2/Network Node Manager i contains multiple vulnerabilities. Impact Malicious remote users can exploit this vulnerability to disrupt services, disclose configuration data or execute arbitrary script. Solution Please refer to the 'Vendor Information'...

9.7CVSS7.6AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/27 5:49 a.m.•1 views

Multiple vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i

Overview Hitachi JP1/Cm2/Network Node Manager i contains multiple vulnerabilities. Impact Malicious remote users can exploit this vulnerability to disrupt services, disclose configuration data or execute arbitrary script. Solution Please refer to the 'Vendor Information' section for the official...

9.7CVSS7.6AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 6:12 a.m.•4 views

D-Link DES-3810 Series vulnerable to denial-of-service (DoS)

Overview DES-3810 Series provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in SSH implementation. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

6.8CVSS6.6AI score0.01054EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 6:7 a.m.•2 views

D-Link DWL-2100AP vulnerable to denial-of-service (DoS)

Overview DWL-2100AP provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in SSH implementation. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securit...

6.8CVSS6.6AI score0.01054EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 5:57 a.m.•1 views

SEIL Series routers vulnerable to buffer overflow

Overview SEIL Series routers contain a buffer overflow vulnerability. The PPP Access Concentrator PPPAC in SEIL Series routers provided by Internet Initiative Japan Inc. contains a buffer overflow vulnerability in processing L2TP messages. Impact An attacker may execute an arbitrary code on the...

7.5CVSS8AI score0.02676EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 5:52 a.m.•3 views

SEIL Series routers vulnerable in RADIUS authentication

Overview SEIL Series routers contain a vulnerability in RADIUS authentication. The PPP Access Concentrator PPPAC in SEIL Series routers provided by Internet Initiative Japan Inc. contains an issue when generating random numbers used for RADIUS authentication, which may result in the generated...

4CVSS7AI score0.01257EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 12:0 a.m.•36 views

JVN#43152129: SEIL Series routers vulnerable to buffer overflow

The PPP Access Concentrator PPPAC in SEIL Series routers provided by Internet Initiative Japan Inc. contains a buffer overflow vulnerability in processing L2TP messages. Impact An attacker may execute an arbitrary code on the vulnerable system. Solution Update the Firmware Apply the appropriate...

6.8CVSS7.6AI score0.02676EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 12:0 a.m.•37 views

JVN#40079308: SEIL Series routers vulnerable in RADIUS authentication

The PPP Access Concentrator PPPAC in SEIL Series routers provided by Internet Initiative Japan Inc. contains an issue when generating random numbers used for RADIUS authentication, which may result in the generated random numbers to be easily predicted. Impact An attacker who can intercept...

4CVSS6.8AI score0.01257EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 12:0 a.m.•32 views

JVN#03082733: D-Link DWL-2100AP vulnerable to denial-of-service (DoS)

DWL-2100AP provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in SSH implementation. Impact A user who can login with SSH may cause the product to reboot. Solution Update the Firmware Update the firmware to version R252JP-RC572 or later according to the...

6.3CVSS6.3AI score0.01054EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/20 12:0 a.m.•37 views

JVN#70245052: D-Link DES-3810 Series vulnerable to denial-of-service (DoS)

DES-3810 Series provided by D-Link Japan contains a denial-of-service DoS vulnerability due to an issue in SSH implementation. Impact A user who can login with SSH may cause the product to stop responding. Solution Update the Firmware Update the firmware to version R2.20.011 or later according to...

6.3CVSS6.3AI score0.01054EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/19 5:39 a.m.•1 views

Internet Explorer vulnerable to arbitrary code execution

Overview Internet Explorer contains a vulnerability that may allow arbitrary code execution. According to Microsoft, targeted attacks that attempt to exploit this vulnerability have been confirmed but are limited. Impact If a user views a specially crafted web page, an arbitrary code may be...

9.3CVSS7.8AI score0.8593EPSS
Exploits18References11
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/19 4:29 a.m.•1 views

Multiple broadband routers may behave as open resolvers

Overview Multiple broadband routers contain an issue where they may behave as open resolvers. A device that runs as a DNS cache server, which responds to any recursive DNS queries that are received is referred to as an open resolver. Multiple broadband routers may contain an issue where they may...

5CVSS6.6AI score
Exploits0References13
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/19 12:0 a.m.•44 views

JVN#27443259: Internet Explorer vulnerable to arbitrary code execution

Internet Explorer contains a vulnerability that may allow arbitrary code execution. According to Microsoft, targeted attacks that attempt to exploit this vulnerability have been confirmed but are limited. Impact If a user views a specially crafted web page, an arbitrary code may be executed...

9.3CVSS9AI score0.8593EPSS
Exploits18
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/19 12:0 a.m.•18 views

JVN#62507275: Multiple broadband routers may behave as open resolvers

A device that runs as a DNS cache server, which responds to any recursive DNS queries that are received is referred to as an open resolver. Multiple broadband routers may contain an issue where they may behave as open resolvers. Impact The device may be used in a DNS amplification attack and...

6.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/13 3:21 a.m.•3 views

ChamaCargo vulnerable to cross-site scripting

Overview ChamaCargo provided by ChamaNet is a system for creating shopping websites. ChamaCargo contains a cross-site scripting vulnerability. Koki Takahashi of Keiji Takeda Lab, Keio University reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securit...

4.3CVSS6.1AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/13 12:0 a.m.•37 views

JVN#77455005: ChamaCargo vulnerable to cross-site scripting

ChamaCargo provided by ChamaNet is a system for creating shopping websites. ChamaCargo contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an update Update to the latest version according to the information provided b...

4.3CVSS6AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/12 5:13 a.m.•3 views

Opera vulnerable to cross-site scripting

Overview Opera is a web browser. Opera contains a cross-site scripting vulnerability when the page encoding settings are set to UTF-8. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided ...

4.3CVSS6.1AI score0.01788EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/12 12:0 a.m.•33 views

JVN#01094166: Opera vulnerable to cross-site scripting

Opera is a web browser. Opera contains a cross-site scripting vulnerability when the page encoding settings are set to UTF-8. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the...

4.3CVSS5.7AI score0.01788EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/10 4:56 a.m.•3 views

Cybozu Office vulnerable to cross-site scripting

Overview Cybozu Office is a groupware. Cybozu Office contains a cross-site scripting vulnerability in the function to customize the top page. Motoki Nishio of VALTES CO.,LTD. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

4.3CVSS5.9AI score0.01148EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/10 12:0 a.m.•37 views

JVN#53014207: Cybozu Office vulnerable to cross-site scripting

Cybozu Office is a groupware. Cybozu Office contains a cross-site scripting vulnerability in the function to customize the top page. Impact An arbitrary script may be executed on the web browser of an user who is logged in. Solution Update the software Update to the latest version according to th...

4.3CVSS5.9AI score0.01148EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2013/09/06 5:12 a.m.•5 views

Apache Struts vulnerable to remote command execution

Overview Apache Struts contains a remote command execution vulnerability. Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a remote command execution vulnerability. This issue is the same issue that the...

9.8CVSS7.2AI score0.99998EPSS
Exploits18References18
Total number of security vulnerabilities5625