Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/18 12:0 a.m.•33 views

JVN#65914253 Directory traversal vulnerability in multiple phpspot products

Multiple products BBS Software etc. provided by phpspot contain a directory traversal vulnerablility. Impact A remote attacker could view files on the server where the product is installed. This could lead to disclosure of contents. Solution Update the software Update to latest version according ...

5CVSS6.3AI score0.01505EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/17 6:52 a.m.•3 views

XF-Section vulnerable to cross-site scripting

Overview XF-Section from Happy Linux contains a cross-site scripting vulnerability. XF-Secion from Happy Linux is a XOOPS module that categorizes contents. XF-Section contains a cross-site scripting vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC coordinated with the...

4.3CVSS6.2AI score0.01624EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/17 6:52 a.m.•1 views

Third-party cookie issue in Opera

Overview Opera contains an issue in which third-party cookies are not handled properly. Opera contains an issue in which third-party cookies are not handled properly. Please note that this issue only occurs when the user changes the setting for "Accept only cookies from the site I visit" from the...

2.6CVSS6.5AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/17 12:0 a.m.•29 views

JVN#00425482 XF-Section vulnerable to cross-site scripting

XF-Secion from Happy Linux is a XOOPS module that categorizes contents. XF-Section contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use XF-Section Since the product is no longer being developed, users are...

4.3CVSS6AI score0.01624EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/17 12:0 a.m.•17 views

JVN#39157969 Third-party cookie issue in Opera

Opera contains an issue in which third-party cookies are not handled properly. Please note that this issue only occurs when the user changes the setting for "Accept only cookies from the site I visit" from the default installation of Opera. Impact A remote attacker may be able to trace an user's...

6.9AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/14 1:31 a.m.•5 views

GIF File Processing Denial of Service Vulnerability in Multiple JP1 Products

Overview A vulnerability exists in multiple JP1 products that could allow an attacker to cause denial of service DoS condition due to error in processing GIF files. Impact A remote attacker could cause a denial of service DoS condition. Solution Please refer to the 'Vendor Information' section fo...

5CVSS6.8AI score0.01407EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/14 1:31 a.m.•2 views

Multiple Vulnerabilities in Hitachi JP1/File Transmission Server/FTP

Overview Hitachi JP1/File Transmission Server/FTP contains multiple vulnerabilities that could allow an attacker to execute arbitrary commands. Impact A remote attacker could execute arbitrary commands. Solution Please refer to the 'Vendor Information' section for the official countermeasure and...

10CVSS7.6AI score0.0392EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/11 7:36 a.m.•1 views

Webservice-DIC yoyaku_v41 vulnerable to command injection

Overview yoyakuv41 from Webservice-DIC contains a command injection vulnerability. yoyakuv41 from Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains a command injection vulnerability. This vulnerability is different from JVN80436657. Keigo Yamazaki of LAC Co.,...

7.5CVSS7.3AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/11 12:0 a.m.•12 views

JVN#05857667 Webservice-DIC yoyaku_v41 vulnerable to command injection

yoyakuv41 from Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains a command injection vulnerability. This vulnerability is different from JVN80436657. Impact An arbitrary command could be executed with the privilege of the server where yoyakuv41 runs. Solution...

7.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/09 8:30 a.m.•2 views

Buffer overflow vulnerability in Microsoft Windows

Overview Microsoft Windows contains a buffer overflow vulnerability. Windows Media Format Runtime included in Microsoft Windows contains a buffer overflow vulnerability when parsing specific files. The security update for this vulnerability is contained in the Microsoft Security Bulletin Summary...

9.3CVSS7.4AI score0.2121EPSS
Exploits2References17
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/09 12:0 a.m.•36 views

JVN#62211338 Buffer overflow vulnerability in Microsoft Windows

Windows Media Format Runtime included in Microsoft Windows contains a buffer overflow vulnerability when parsing specific files. Impact If a user opens a specially crafted file, an attacker may execute arbitrary code. Solution Update the software Apply the update according to the information...

9.3CVSS6.8AI score0.2121EPSS
Exploits2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/09/02 12:0 a.m.•27 views

JVN#57040664 ATOK screen lock bypass vulnerability

ATOK from JustSystems Corporation is a software for Japanese Kana-Kanji conversion. ATOK contains an issue with the restriction of launching external applications, which may lead to a screen lock bypass vulnerability. Impact An attacker could execute arbitrary code or program with the privileges ...

7.2CVSS7.2AI score0.00394EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/31 6:52 a.m.•2 views

Issue of Access Control Failure in Hitachi Device Manager Server

Overview Hitachi Device Manager servers contain a vulnerability in which access control settings would be rendered invalid in the following cases: - IPv6 format is used for communications between a Hitachi Device Manager server and its clients. - Access controls for Hitachi Device Manager clients...

6.8CVSS6.9AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/31 6:52 a.m.•3 views

Issue of Access Control Failure in Groupmax Scheduler Server

Overview Groupmax Scheduler Server contains a vulnerability in which access privilege settings can be rendered invalid. Impact An unauthorized user may gain access to the Groupmax Scheduler Server. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take...

7.5CVSS6.9AI score0.01377EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/27 6:29 a.m.•2 views

bingo!CMS core and bingo!CMS vulnerable to cross-site request forgery

Overview bingo!CMS core and bingo!CMS contain a cross-site request forgery vulnerability. bingo!CMS core and bingo!CMS are content management systems CMS. bingo!CMS core and bingo!CMS contain a cross-site request forgery vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC...

6.8CVSS6.5AI score0.00991EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/27 12:0 a.m.•36 views

JVN#68640473 bingo!CMS core and bingo!CMS vulnerable to cross-site request forgery

bingo!CMS core and bingo!CMS are content management systems CMS. bingo!CMS core and bingo!CMS contain a cross-site request forgery vulnerability. Impact If a user views a malicious web page while logged into the CMS, an attacker could modify configurations or modify contents managed by CMS...

6.8CVSS6.4AI score0.00991EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/26 6:25 a.m.•4 views

Site Calendar 'mycaljp' vulnerable to cross-site scripting

Overview Site Calendar 'mycaljp' contains a cross-site scripting vulnerability. Site Calendar 'mycaljp' is a calendar plugin for Geeklog, which is an open source content management system. Site Calendar 'mycaljp' contains a cross-site scripting vulnerability. The affected plugin is also contained...

4.3CVSS6AI score0.01065EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/25 1:50 a.m.•2 views

Hitachi Business Logic Cross-Site Scripting Vulnerability

Overview Hitachi Business Logic is vulnerable to cross-site scripting. Impact A remote attacker could make a user execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

5CVSS6.6AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/24 7:25 a.m.•3 views

SugarCRM vulnerable to SQL injection

Overview SugarCRM contains a SQL injection vulnerability. SugarCRM is a customer relationship management CRM software. SugarCRM contains a SQL injection vulnerability. Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

7.5CVSS7.6AI score0.01359EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/24 12:0 a.m.•29 views

JVN#31035930 SugarCRM vulnerable to SQL injection

SugarCRM is a customer relationship management CRM software. SugarCRM contains a SQL injection vulnerability. Impact As a result of SQL injection, contents within the database can be compromised. Solution Update the Software Update to the latest version according to the information provided by th...

7.5CVSS7AI score0.01359EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/21 12:0 a.m.•32 views

JVN#20478978 Site Calendar 'mycaljp' vulnerable to cross-site scripting

Site Calendar 'mycaljp' is a calendar plugin for Geeklog, which is an open source content management system. Site Calendar 'mycaljp' contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the late...

4.3CVSS5.9AI score0.01065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/19 7:33 a.m.•3 views

ColdFusion vulnerable to cross-site scripting

Overview ColdFusion provided by Adobe contains a cross-site scripting vulnerability. ColdFusion from Adobe is a software to develop web applications. ColdFusion contains a cross-site scripting vulnerability. This vulnerability is different from JVN28356427 and JVN48566866. Project VEX of UBsecure...

4.3CVSS6.2AI score0.01773EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/19 12:0 a.m.•32 views

JVN#21388501 ColdFusion vulnerable to cross-site scripting

ColdFusion from Adobe is a software to develop web applications. ColdFusion contains a cross-site scripting vulnerability. This vulnerability is different from JVN28356427 and JVN48566866. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the...

4.3CVSS5.8AI score0.01773EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/05 6:59 a.m.•2 views

Cross-site request forgery vulnerability in FreeNAS

Overview FreeNAS contains a cross-site request forgery vulnerability. FreeNAS is a NAS Network Attached Storage server software. FreeNAS contains a cross-site request forgery vulnerability. Hiroyuki Shinshiba of LAC:Little eArth Corporation Co., LTD. reported this vulnerability to IPA. JPCERT/CC...

7.1CVSS6.5AI score0.0109EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/05 6:58 a.m.•2 views

Cross-site scripting vulnerability in FreeNAS

Overview FreeNAS contains a cross-site scripting vulnerability. FreeNAS is a NAS Network Attached Storage server software. FreeNAS contains a cross-site scripting vulnerability. Hiroyuki Shinshiba of LAC:Little eArth Corporation Co., LTD. reported this vulnerability to IPA. JPCERT/CC coordinated...

4.3CVSS6.1AI score0.01033EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/05 12:0 a.m.•30 views

JVN#15267895 Cross-site request forgery vulnerability in FreeNAS

FreeNAS is a NAS Network Attached Storage server software. FreeNAS contains a cross-site request forgery vulnerability. Impact If a user views a malicious web page while logged into the web-based interface, an attacker could modify configurations or delete data on the hard disk drive. Solution...

4.3CVSS6.2AI score0.0109EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/08/05 12:0 a.m.•25 views

JVN#89791790 Cross-site scripting vulnerability in FreeNAS

FreeNAS is a NAS Network Attached Storage server software. FreeNAS contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer...

4.3CVSS5.9AI score0.01033EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/31 6:34 a.m.•2 views

Webservice-DIC yoyaku_v41 vulnerable to command injection

Overview yoyakuv41 from Webservice-DIC contains a command injection vulnerability. yoyakuv41 from Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains a command injection vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC coordinated with t...

7.5CVSS7.3AI score
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/31 12:0 a.m.•19 views

JVN#80436657 Webservice-DIC yoyaku_v41 vulnerable to command injection

yoyakuv41 from Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains a command injection vulnerability. Impact An arbitrary command could be executed with the privilege of the server where yoyakuv41 runs. Solution Update the Software Update to the latest version...

7.6AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/29 6:30 a.m.•1 views

MySQL Connector/J vulnerable to SQL injection

Overview MySQL Connector/J from Sun Microsystems contains a SQL injection vulnerability. MySQL Connector/J from Sun Microsystems is a software that provides access to a MySQL database for client applications written in Java. MySQL Connector/J contains a SQL injection vulnerability. Masakazu Ikeda...

6.8CVSS7.5AI score
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/29 12:0 a.m.•17 views

JVN#59748723 MySQL Connector/J vulnerable to SQL injection

MySQL Connector/J from Sun Microsystems is a software that provides access to a MySQL database for client applications written in Java. MySQL Connector/J contains a SQL injection vulnerability. Impact A remote attacker could obtain and modify contents in the database. Solution Update the Software...

7.8AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/24 8:19 a.m.•1 views

Cross-site scripting vulnerability in RevoCounter CGI (Animation Counter)

Overview RevoCounter CGI Animation Counter from futomi's CGI Cafe contains a cross-site scripting vulnerability. RevoCounter CGI Animation Counter from futomi's CGI Cafe is a software that displays an animated counter on a webpage. RevoCounter CGI Animation Counter contains a cross-site scripting...

4.3CVSS6.1AI score
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/24 12:0 a.m.•15 views

JVN#29852698 Cross-site scripting vulnerability in RevoCounter CGI (Animation Counter)

RevoCounter CGI Animation Counter from futomi's CGI Cafe is a software that displays an animated counter on a webpage. RevoCounter CGI Animation Counter contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Softwar...

6.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/15 9:15 a.m.•2 views

shiromuku(fs6)DIARY cross-site scripting vulnerability

Overview shiromukufs6DIARY from Perl CGI's By Mrs. Shiromuku contains a cross-site scripting vulnerability. shiromukufs6DIARY from Perl CGI's By Mrs. Shiromuku is a web log software. shiromukufs6DIARY contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the...

4.3CVSS6.1AI score0.01065EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/14 1:17 a.m.•4 views

Hitachi Web Server Vulnerability in SSL Client Authentication

Overview Hitachi Web Server contains a vulnerability in handling SSL client certificates, which could allow an attacker to manipulate environment variables and/or spoof the client to access Web servers. Impact An attacker could manipulate environment variables and/or spoof the client to access We...

7.5CVSS6.7AI score0.0187EPSS
Exploits1References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/14 1:17 a.m.•2 views

Hitachi Web Server Reverse Proxy Denial of Service (DoS) Vulnerability

Overview Hitachi Web Server contains a vulnerability that could lead to a denial of service DoS condition when using it as a reverse proxy due to excessive memory usage. Impact The server could fall into a denial of service DoS state when continuously receiving fraudulent responses from backend W...

5CVSS7.6AI score0.12714EPSS
Exploits2References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/14 12:0 a.m.•28 views

JVN#31110006 shiromuku(fs6)DIARY cross-site scripting vulnerability

shiromukufs6DIARY from Perl CGI's By Mrs. Shiromuku is a web log software. shiromukufs6DIARY contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information...

4.3CVSS5.9AI score0.01065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/07 2:12 a.m.•1 views

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Zip File Scanning Utility

Overview Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability that allows unauthorized access through a zip file scanning API. Impact Unauthorized access may be done when loading and scanning an external zip file. Solution Please refer to the 'Vendor...

10CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/07 2:12 a.m.•1 views

Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java Possible Unauthorized Access through Vulnerability in Encoding Process

Overview Cosminexus Processing Kit for XML and Hitachi Developer's Kit for Java have a vulnerability where UTF-8 output is not properly judged due to deficiency in encoding processing, which may lead to unauthorized access. Impact Unauthorized access may be done exploiting a deficiency in encodin...

10CVSS6.8AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/01 8:54 a.m.•2 views

PHP-I-BOARD from Let's PHP! vulnerable to directory traversal

Overview PHP-I-BOARD from Let's PHP! contains a directory traversal vulnerability. PHP-I-BOARD from Let's PHP! is a bulletin board software. PHP-I-BOARD contains a directory traversal vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

5CVSS6.7AI score0.01551EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/01 8:54 a.m.•4 views

PHP-I-BOARD from Let's PHP! vulnerable to cross-site scripting

Overview PHP-I-BOARD from Let's PHP! contains a cross-site scripting vulnerability. PHP-I-BOARD from Let's PHP! is a bulletin board software. PHP-I-BOARD contains a cross-site scripting vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

4.3CVSS6AI score0.01033EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/01 8:53 a.m.•2 views

Tree BBS from Let's PHP! vulnerable to cross-site scripting

Overview Tree BBS from Let's PHP! contains a cross-site scripting vulnerability. Tree BBS from Let's PHP! is a tree-structured bulletin board software. Tree BBS contains a cross-site scripting vulnerability. Yoshinori Ohta of Business Architects Inc. reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS6AI score0.01033EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/01 8:53 a.m.•4 views

Movable Type access restriction bypass vulnerability

Overview Movable Type contains an access restriction bypass vulnerability. Movable Type, a web log system from Six Apart KK, contains a vulnerability that allows a remote attacker to bypass access restrictions. A successful attack requires mt-wizard.cgi not to be deleted after initial setup. For...

5.8CVSS6.6AI score0.01233EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/07/01 8:53 a.m.•5 views

Movable Type cross-site scripting vulnerability

Overview Movable Type contains a cross-site scripting vulnerability. Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability. This vulnerability is a different vulnerability than past reports on JVN. A successful attack requires mt-wizard.cgi not to be...

2.6CVSS6.1AI score0.01083EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/06/25 12:0 a.m.•42 views

JVN#93827000 Tree BBS from Let's PHP! vulnerable to cross-site scripting

Tree BBS from Let's PHP! is a tree-structured bulletin board software. Tree BBS contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by t...

4.3CVSS5.9AI score0.01033EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/06/25 12:0 a.m.•36 views

JVN#20219071 PHP-I-BOARD from Let's PHP! vulnerable to cross-site scripting

PHP-I-BOARD from Let's PHP! is a bulletin board software. PHP-I-BOARD contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the...

4.3CVSS5.9AI score0.01033EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/06/25 12:0 a.m.•38 views

JVN#32788272 PHP-I-BOARD from Let's PHP! vulnerable to directory traversal

PHP-I-BOARD from Let's PHP! is a bulletin board software. PHP-I-BOARD contains a directory traversal vulnerability. Impact A remote attacker could view an arbitrary file on the server. Solution Update the Software Update to the latest version according to the information provided by the developer...

5CVSS6.5AI score0.01551EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/06/24 12:0 a.m.•33 views

JVN#86472161 Movable Type cross-site scripting vulnerability

Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability. This vulnerability is a different vulnerability than past reports on JVN. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest versio...

2.6CVSS5.8AI score0.01083EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/06/24 12:0 a.m.•35 views

JVN#08369659 Movable Type access restriction bypass vulnerability

Movable Type, a web log system from Six Apart KK, contains a vulnerability that allows a remote attacker to bypass access restrictions. Impact A remote attacker may send unsolicited email to arbitrary addresses or view information stored in Movable Type. Solution Update the Software Update to the...

5.8CVSS6.3AI score0.01233EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2009/06/19 7:35 a.m.•1 views

Cross-site scripting vulnerability in PukiWikiMod from XOOPS Maniac

Overview PukiWikiMod from XOOPS Maniac contains a cross-site scripting vulnerability. PukiWikiMod from XOOPS Maniac is a contents management software for XOOPS. PukiWikiMod contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solutio...

4.3CVSS6.1AI score0.01223EPSS
Exploits0References8
Total number of security vulnerabilities5625