CVSS: 3.5EPSS: 0%CPEs: 6EXPL: 0CVE-2007-4204
https://notcve.org/view.php?id=CVE-2007-4204
Hitachi Groupmax Collaboration - Schedule, as used in Groupmax Collaboration Portal 07-32 through 07-32-/B, uCosminexus Collaboration Portal 06-32 through 06-32-/B, and Groupmax Collaboration Web Client - Mail/Schedule 07-32 through 07-32-/A, can assign schedule data to the wrong user under unspecified conditions, which might allow remote authenticated users to obtain sensitive information. Hitachi Groupmax Collaboration - Schedule, usado en Groupmax Collaboration Portal 07-32 hasta 07-32-/B, uCosminexus Collaboration Portal 06-32 hasta 06-32-/B, y Groupmax Collaboration Web Client - Mail/Schedule 07-32 hasta 07-32-/A, puede asignar datos de programación (schedule) al usuario incorrecto bajo condiciones no especificadas, lo cual podría permitir a usuarios autenticados remotamente obtener información sensible. • http://osvdb.org/46987 http://www.hitachi-support.com/security_e/vuls_e/HS07-022_e/index-e.html http://www.vupen.com/english/advisories/2007/2723 https://exchange.xforce.ibmcloud.com/vulnerabilities/35704 •
CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0CVE-2007-3043
https://notcve.org/view.php?id=CVE-2007-3043
Cross-site scripting (XSS) vulnerability in Collaboration - File Sharing 01-20 up to 01-20-/B and 01-30 up to 01-30-/B in Hitachi Groupmax Collaboration Portal up to 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing up to 07-30-/C, uCosminexus Collaboration Portal up to 06-30-/D, and uCosminexus Collaboration Portal - Forum/File Sharing up to 06-30-/C on Windows allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Collaboration - File Sharing 01-20 hasta 01-20-/B y 01-30 hasta 01-30-/B en Hitechi Groupmax Collaboration Portal hasta 07-30-/D, Groupmax Collaboration Web Client - Forum/File Sharing hasta 07-30-/C, uCosminexus Collaboration Portal hasta 06-30-/D, y uCosminexus Collaboration Portal - Forum/File Sharing hasta 06-30-/C en Windows permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de vectores no especificados. • http://osvdb.org/36828 http://secunia.com/advisories/25507 http://www.hitachi-support.com/security_e/vuls_e/HS07-011_e/index-e.html http://www.securityfocus.com/bid/24263 http://www.vupen.com/english/advisories/2007/2020 https://exchange.xforce.ibmcloud.com/vulnerabilities/34659 •