2 results (0.007 seconds)

CVSS: 7.5EPSS: 1%CPEs: 25EXPL: 0

Cross-site request forgery (CSRF) vulnerability in the communicate function in estmaster.c for Hyper Estraier before 1.3.3 allows remote attackers to perform unauthorized actions as other users via unknown vectors. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en la función communicate de estmaster.c para Hyper Estraier versiones anteriores a 1.3.3 permite a atacantes remotos realizar acciones no autorizadas como otros usuarios mediante vectores desconocidos. • http://secunia.com/advisories/21049 http://sourceforge.net/project/shownotes.php?release_id=432119 http://www.vupen.com/english/advisories/2006/2827 •

CVSS: 5.0EPSS: 2%CPEs: 2EXPL: 0

estcmd in Hyper Estraier 1.0.1 on Windows systems allows remote attackers to read unauthorized files via a crafted search request for a filename that contains Unicode characters. • http://jvn.jp/jp/JVN%2318282718/index.html http://secunia.com/advisories/17379 http://securitytracker.com/id?1015119 http://sourceforge.net/project/shownotes.php?release_id=366565 http://www.securityfocus.com/bid/15236 •