16 results (0.011 seconds)

CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0

KENT-WEB Joyful Note before 5.3 allows remote attackers to delete files or write to files, and consequently execute arbitrary code, via vectors involving an article. KENT-WEB Joyful Note anterior a 5.3 permite a atacantes remotos eliminar ficheros o escribir a ficheros, y como consecuencia ejecutar código arbitrario, a través de vectores que involucran un artículo. • http://jvn.jp/en/jp/JVN88862608/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000024 http://www.kent-web.com/bbs/joyful.html •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

KENT-WEB Clip Board before 4.1 allows remote attackers to delete arbitrary files via unspecified vectors. KENT-WEB Clip Board anterior a 4.1 permite a atacantes remotos eliminar ficheros arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN62298871/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000028 http://www.kent-web.com/bbs/clipbbs.html •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1

Cross-site scripting (XSS) vulnerability in KENT-WEB Clip Board 2.91 and earlier, when running certain versions of Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en KENT-WEB Clip Board 2.91 y anteriores, cuando funciona con ciertas versiones de Internet Explorer, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN12798709/index.html http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000147.html http://www.kent-web.com/bbs/clipbbs.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in KENT-WEB Joyful Note 2.8 and earlier, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en KENT-WEB Joyful Note 2.8 y anteriores, cuando se usa Internet Explorer 7 o anterior, permite a atacantes remotos inyectar script Web o HTML a través de vectores no especificados. • http://jvn.jp/en/jp/JVN30718178/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000013 http://osvdb.org/102740 http://www.kent-web.com/bbs/joyful.html http://www.securityfocus.com/bid/65301 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability in KENT-WEB POST-MAIL before 6.7, when Internet Explorer 7 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an unspecified form field. Vulnerabilidad de ejecución de secuencia de comandos en sitios cruzados (XSS) en KENT-WEB CLIP-MAIL antes de v6.7, cuando se usa Internet Explorer 7 o anterior, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través de un campo no especificado del formulario. • http://jvn.jp/en/jp/JVN26394323/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000066 http://www.kent-web.com/mail/postmail.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •