Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/03/05 12:0 a.m.•24 views

JVN#06874657 OpenPNE authentication bypass vulnerability

OpenPNE is an open source SNS Social Networking Service software. OpenPNE provides an "IP address range limitation" function to provide access to certain pages only to mobile devices. OpenPNE has an issue with the IP address range limitation function that may lead to an authentication bypass...

5.8CVSS6.4AI score0.01074EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/03/03 3:0 a.m.•2 views

uCosminexus Portal Framework Cross-Site Scripting Vulnerability

Overview uCosminexus Portal Framework has a cross-site scripting vulnerability. Impact A remote attacker could make users of affected systems unknowingly execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate actio...

5CVSS6.4AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/02/26 3:45 a.m.•4 views

tDiary plugin tb-send.rb vulnerable to cross-site scripting

Overview tDiary plugin tb-send.rb contains a cross-site scripting vulnerability. tDiary is a weblog software. tDiary plugin tb-send.rb contains a cross-site scripting vulnerability. The developer has confirmed that tDiary 2.3.x are not affected by this vulnerability. Project VEX of UBsecure, Inc...

4.3CVSS6.2AI score0.01996EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/02/25 12:0 a.m.•33 views

JVN#73331060 tDiary plugin tb-send.rb vulnerable to cross-site scripting

tDiary is a weblog software. tDiary plugin tb-send.rb contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on some web browsers. Solution Update the Software Update according to the information provided by the developer. Products Affected tDiary 2.2.2full set...

4.3CVSS5.5AI score0.01996EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/02/09 5:3 a.m.•1 views

Buffer Overflow Vulnerability in Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java

Overview Cosminexus, Processing Kit for XML and Hitachi Developer's Kit for Java have a buffer overflow vulnerability when processing image files in Java applications. Impact An attacker can execute arbitrary code on the target system. Solution Please refer to the 'Vendor Information' section for...

7.5CVSS8.1AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/01/14 12:24 p.m.•2 views

Oracle Application Server vulnerable to cross-site scripting

Overview Oracle Application Server from Oracle contains a cross-site scripting vulnerability. Oracle Application Server from Oracle is an application server. Oracle Application Server contains a cross-site scripting vulnerability. Daiki Fukumori reported this vulnerability to IPA. JPCERT/CC...

2.6CVSS6AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/01/14 12:24 p.m.•4 views

WebCalenderC3 vulnerable to directory traversal

Overview WebCalenderC3 from C3 Corp. contains a directory traversal vulnerability. WebCalenderC3 from C3 Corp. is a calender software. WebCalenderC3 contains a directory traversal vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5CVSS6.7AI score0.01564EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/01/14 12:23 p.m.•5 views

WebCalenderC3 cross-site scripting vulnerability

Overview WebCalenderC3 from C3 Corp. contains a cross-site scripting vulnerability. WebCalenderC3 from C3 Corp. is a calender software. WebCalenderC3 contains a cross-site scripting vulnerability. According to the developer, they were not able to reproduce the vulnerability. However, to mitigate...

4.3CVSS6.1AI score0.01074EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/01/14 12:0 a.m.•17 views

JVN#50837839 Oracle Application Server vulnerable to cross-site scripting

Oracle Application Server from Oracle is an application server. Oracle Application Server contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...

6.3AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/01/12 12:0 a.m.•39 views

JVN#22247093 WebCalenderC3 vulnerable to directory traversal

WebCalenderC3 from C3 Corp. is a calender software. WebCalenderC3 contains a directory traversal vulnerability. Impact A remote attacker could view an arbitrary file on the server. Solution Update the Software Update to the latest version according to the information provided by the developer...

5CVSS6.5AI score0.01564EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/01/12 12:0 a.m.•38 views

JVN#33977065 WebCalenderC3 cross-site scripting vulnerability

WebCalenderC3 from C3 Corp. is a calender software. WebCalenderC3 contains a cross-site scripting vulnerability. According to the developer, they were not able to reproduce the vulnerability. However, to mitigate against potential security risks, the developer has released a security enhanced...

4.3CVSS6AI score0.01074EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/01/06 7:26 a.m.•2 views

Movable Type access restriction bypass vulnerability

Overview Movable Type contains an access restriction bypass vulnerability. Movable Type, a web log system from Six Apart KK, contains a vulnerability that allows a remote attacker to bypass access restrictions. This vulnerability is different from JVN08369659. Impact A remote attacker may view or...

5.5CVSS6.6AI score
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/01/06 12:0 a.m.•18 views

JVN#09872874 Movable Type access restriction bypass vulnerability

Movable Type, a web log system from Six Apart KK, contains a vulnerability that allows a remote attacker to bypass access restrictions. This vulnerability is different from JVN08369659. Impact A remote attacker may view or modify information stored by Movable Type. Solution Update the Software...

6.9AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/28 2:19 a.m.•1 views

Fujitsu Interstage and Systemwalker SSL Vulnerabilities

Overview Fujitsu Interstage and Systemwalker related products have the vulnerabilities listed below: - A buffer overflow vulnerability that can occur when the SSL server verifies the client's certificate. - A vulnerability that makes it possible to make an SSL connection using a server or client...

5CVSS7.3AI score
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/24 5:32 a.m.•2 views

StartTLS not enabled in Hitachi Storage Command Suite products

Overview When a Hitachi Storage Command Suite product uses an LDAP directory server as the server to be used for external authentication, StartTLS won't be enabled even if it is specified as the connection protocol. Impact StartTLS won't be enabled even if it is specified as the connection...

5CVSS6.9AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/17 5:18 a.m.•2 views

P forum vulnerable to directory traversal

Overview P forum from Rocomotion contains a directory traversal vulnerability. P forum from Rocomotion is a bulletin board software. P forum contains a directory traversal vulnerability. Shuya Ueki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5CVSS6.8AI score0.01599EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/15 10:52 a.m.•3 views

Active! mail 2003 cookie disclosure vulnerability

Overview Active! mail 2003 from TransWARE Co. contains a vulnerability in which cookies may be disclosed. Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a vulnerability in which cookies may be disclosed. Kenichi Maehashi of CIS RAT at Hosei Universi...

5.8CVSS6.6AI score0.0105EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/15 10:52 a.m.•3 views

Active! mail 2003 session ID disclosure vulnerability

Overview Active! mail 2003 from TransWARE Co. contains a vulnerability in which session IDs may be disclosed. Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a vulnerability in which session IDs may be disclosed. Kenichi Maehashi of CIS RAT at Hosei...

5.8CVSS6.6AI score0.01083EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/15 10:52 a.m.•3 views

Active! mail 2003 cross-site scripting vulnerability

Overview Active! mail 2003 from TransWARE Co. contains a cross-site scripting vulnerability. Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a cross-site scripting vulnerability. Kenichi Maehashi of CIS RAT at Hosei University reported this...

4.3CVSS6.1AI score0.01065EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/15 12:0 a.m.•38 views

JVN#00152874 P forum vulnerable to directory traversal

P forum from Rocomotion is a bulletin board software. P forum contains a directory traversal vulnerability. Impact A remote attacker could view an arbitrary file on the server. Solution Update the Software Update to the latest version according to the information provided by the developer. This...

5CVSS6.5AI score0.01599EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/09 10:38 a.m.•4 views

SEIL/B1 authentication issue

Overview SEIL/B1 contains an issue in the implementation of the PPP Access Concentrator PPPAC function, which may allow replay attacks to be performed during the authentication process. The PPP Access Concentrator PPPAC function within SEIL/B1 contains an issue in the CHAP and MS-CHAP-V2...

2.6CVSS6.9AI score0.01356EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/09 12:0 a.m.•23 views

JVN#49602378 SEIL/B1 authentication issue

The PPP Access Concentrator PPPAC function within SEIL/B1 contains an issue in the CHAP and MS-CHAP-V2 authentication processes, the same challenge value is repeatedly used for each authentication attempt. Impact A third party may be able to perform replay attacks. As a result, the third party ma...

2.6CVSS6.6AI score0.01356EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/08 12:0 a.m.•26 views

JVN#36207497 Active! mail 2003 cookie disclosure vulnerability

Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a vulnerability in which cookies may be disclosed. Impact A remote attacker could impersonate a user of Active! mail 2003. As a result, the user's email could be viewed or configurations could be...

5.8CVSS6.2AI score0.0105EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/08 12:0 a.m.•89 views

JVN#49083120 Active! mail 2003 cross-site scripting vulnerability

Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provide...

4.3CVSS5.9AI score0.01065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/08 12:0 a.m.•32 views

JVN#85821104 Active! mail 2003 session ID disclosure vulnerability

Active! mail 2003 from TransWARE Co. is a web-based email software. Active! mail 2003 contains a vulnerability in which session IDs may be disclosed. Impact A remote attacker could impersonate a user of Active! mail 2003. As a result, the user's email may be viewed or configurations may be...

5.8CVSS6.2AI score0.01083EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/07 5:51 a.m.•4 views

EC-CUBE information disclosure vulnerability

Overview EC-CUBE from LOCKON CO.,LTD. contains an information disclosure vulnerability. EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an information disclosure vulnerability. Impact A remote attacker may be able to obtain customer data that...

5CVSS6.4AI score0.01524EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/12/07 12:0 a.m.•24 views

JVN#79762947 EC-CUBE information disclosure vulnerability

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an information disclosure vulnerability. Impact A remote attacker may be able to obtain customer data that is saved by EC-CUBE. Solution Update the Software Apply the latest updates provided by...

5CVSS6.1AI score0.01524EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/19 6:45 a.m.•3 views

Redmine vulnerable to cross-site request forgery

Overview Redmine contains a cross-site request forgery vulnerability. Redmine is a project management software. Redmine contains a cross-site request forgery vulnerability. Yoshinari Fukumoto of Rakuten, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

6.8CVSS6.6AI score0.00719EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/19 6:45 a.m.•2 views

Redmine vulnerable to cross-site scripting

Overview Redmine contains a cross-site scripting vulnerability. Redmine is a project management software. Redmine contains a cross-site scripting vulnerability. Yoshinari Fukumoto of Rakuten, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

4.3CVSS6AI score0.01523EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/19 12:0 a.m.•39 views

JVN#87341298 Redmine vulnerable to cross-site request forgery

Redmine is a project management software. Redmine contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged into Redmine, an arbitrary ticket may be deleted. Solution Update the Software Update to the latest version according to the information...

6.8CVSS6.2AI score0.00719EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/19 12:0 a.m.•24 views

JVN#01245481 Redmine vulnerable to cross-site scripting

Redmine is a project management software. Redmine contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. As a result, cookie information may be leaked and could lead to session hijacking or user impersonation. Solution Update the...

4.3CVSS5.8AI score0.01523EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/04 6:27 a.m.•3 views

Roundcube Webmail vulnerable to cross-site request forgery

Overview Roundcube Webmail provided by Roundcube Webmail Project contains a cross-site requesst forgery vulnerability. Roundcube Webmail is an open source webmail client from the Roundcube Webmail Project. Roundcube Webmail contains a cross-site request forgery vulnerability. This issue is...

6.8CVSS6.9AI score0.01342EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/04 6:27 a.m.•4 views

Roundcube Webmail vulnerable to cross-site request forgery

Overview Roundcube Webmail provided by Roundcube Webmail Project contains a cross-site requesst forgery vulnerability. Roundcube Webmail is an open source webmail client from the Roundcube Webmail Project. Roundcube Webmail contains a cross-site request forgery vulnerability. This issue is...

6.8CVSS6.5AI score0.01342EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/04 12:0 a.m.•33 views

JVN#72974205 Roundcube Webmail vulnerable to cross-site request forgery

Roundcube Webmail is an open source webmail client from the Roundcube Webmail Project. Roundcube Webmail contains a cross-site request forgery vulnerability. This issue is different from JVN33820033 and JVN75694913. Impact An attacker may be able to alter the user information within Roundcube...

6.8CVSS5.6AI score0.01342EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/04 12:0 a.m.•31 views

JVN#75694913 Roundcube Webmail vulnerable to cross-site request forgery

Roundcube Webmail is an open source webmail client from the Roundcube Webmail Project. Roundcube Webmail contains a cross-site request forgery vulnerability. This issue is different from JVN33820033 and JVN72974205. Impact An attacker may be able to send arbitrary emails. Solution Update the...

6.8CVSS6AI score0.01342EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/02 7:42 a.m.•2 views

SEIL/X Series and SEIL/B1 denial of service vulnerability

Overview SEIL/X Series and SEIL/B1 contain a denial of service DoS vulnerability. SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contain an issue in the processing by the NAT function, which may lead to a denial of service DoS vulnerability. Impact When processing a specially...

7.8CVSS6.7AI score0.01684EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/11/02 7:42 a.m.•3 views

SEIL/X Series and SEIL/B1 buffer overflow vulnerability

Overview SEIL/X Series and SEIL/B1 contain a buffer overflow vulnerability. SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contain an issue in the processing by the URL filtering function, which may lead to a buffer overflow vulnerability. Impact When processing a specially...

9.3CVSS7.7AI score0.04756EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/28 12:0 a.m.•32 views

JVN#13011682 SEIL/X Series and SEIL/B1 denial of service vulnerability

SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contain an issue in the processing by the NAT function, which may lead to a denial of service DoS vulnerability. Impact When processing a specially crafted packet, a remote attacker may cause a denial of service. Solution Update the...

7.1CVSS6.5AI score0.01684EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/28 12:0 a.m.•29 views

JVN#06362164 SEIL/X Series and SEIL/B1 buffer overflow vulnerability

SEIL/X Series and SEIL/B1 are routers. SEIL/X Series and SEIL/B1 contain an issue in the processing by the URL filtering function, which may lead to a buffer overflow vulnerability. Impact When processing a specially crafted URL, a remote attacker may be able to execute arbitrary code. Solution...

9.3CVSS7.6AI score0.04756EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/26 6:58 a.m.•3 views

Implementations of IPv6 may be vulnerable to denial of service (DoS) attacks

Overview Implementations of Internet Protocol version 6 IPv6 may be vulnerable to denial of service DoS attacks. Implementations of IPv6 contain an issue in the processing of packets related to the Neighbor Discovery Protocol RFC4861, which may lead to a denial of service vulnerablility. For more...

5.7CVSS6.6AI score
Exploits0References13
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/26 12:0 a.m.•48 views

JVN#75368899: Implementations of IPv6 may be vulnerable to denial of service (DoS) attacks

Implementations of IPv6 contain an issue in the processing of packets related to the Neighbor Discovery Protocol RFC4861, which may lead to a denial of service vulnerablility. Impact Reception of a large number of packets from a malicious third party that is on the same link within the network ma...

6.1CVSS6.1AI score0.00816EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/20 6:56 a.m.•2 views

Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting

Overview Canon IT Solutions Inc. ACCESSGUARDIAN contains a cross-site scripting vulnerability. Canon IT Solutions Inc. ACCESSGUARDIAN is a web security gateway. ACCESSGUARDIAN contains a cross-site scripting vulnerability. Ohji Kashiwazaki of GLOBAL SECURITY EXPERTS Inc. reported this vulnerabili...

4.3CVSS6.1AI score0.01801EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/20 12:0 a.m.•32 views

JVN#33822756 Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting

Canon IT Solutions Inc. ACCESSGUARDIAN is a web security gateway. ACCESSGUARDIAN contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by...

4.3CVSS5.9AI score0.01801EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/15 6:21 a.m.•2 views

Multiple Cybozu products vulnerable to cross-site scripting

Overview Multiple Cybozu products are vulnerable to cross-site scripting. Multiple products groupware etc. provided by Cybozu, Inc. contain a cross-site scripting vulnerablility. This vulnerability is different from JVN50342989, and JVN90712589. Takeshi Terada of Mitsui Bussan Secure Directions,...

2.6CVSS5.9AI score
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/15 12:0 a.m.•16 views

JVN#23108985: Multiple Cybozu products vulnerable to cross-site scripting

Multiple products groupware etc. provided by Cybozu, Inc. contain a cross-site scripting vulnerablility. This vulnerability is different from JVN50342989, and JVN90712589. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest versi...

6.5AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/02 7:2 a.m.•2 views

SugarCRM vulnerable to cross-site scripting

Overview SugarCRM contains a cross-site scripting vulnerability. SugarCRM is a customer relationship management CRM software. SugarCRM contains a cross-site scripting vulnerability. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated...

2.6CVSS6AI score
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/10/02 12:0 a.m.•17 views

JVN#84396512 SugarCRM vulnerable to cross-site scripting

SugarCRM is a customer relationship management CRM software. SugarCRM contains a cross-site scripting vulnerability. Impact If a user views a malicious page and clicks the print icon while logged in, an arbitrary script may be executed on the user's web browser. Solution Update the Software Updat...

6.5AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/18 9:11 a.m.•2 views

Directory traversal vulnerability in multiple phpspot products

Overview Multiple products provided by phpspot contain a directory traversal vulnerablility. Multiple products BBS Software etc. provided by phpspot contain a directory traversal vulnerablility. Takayoshi Isayama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/...

5CVSS6.5AI score0.01505EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/18 9:11 a.m.•3 views

Cross-site scripting vulnerability in multiple phpspot products

Overview Multiple products provided by phpspot contain a cross-site scripting vulnerablility. Multiple products BBS Software etc. provided by phpspot contain a cross-site scripting vulnerablility. Takayoshi Isayama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA...

4.3CVSS6.1AI score0.01033EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/18 12:0 a.m.•31 views

JVN#53591199 Cross-site scripting vulnerability in multiple phpspot products

Multiple products BBS Software etc. provided by phpspot contain a cross-site scripting vulnerablility. Impact An arbitrary script may be executed on the user's web browser. Solution Update the software Update to latest version according to the information provided by developer. Products Affected...

4.3CVSS5.9AI score0.01033EPSS
Exploits0
Total number of security vulnerabilities5625