CVE-2015-0871
https://notcve.org/view.php?id=CVE-2015-0871
Cross-site scripting (XSS) vulnerability in Mrs. Shiromuku Perl CGI shiromuku(u1)GUESTBOOK 1.62 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Mrs. Shiromuku Perl CGI shiromuku(u1)GUESTBOOK 1.62 y anteriores permite a atacantes remotos inyectar secuencias de comandos arbitrarios o HTML a través de vectores no especificados. • http://jvn.jp/en/jp/JVN17480391/995116/index.html http://jvn.jp/en/jp/JVN17480391/index.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2015-0868
https://notcve.org/view.php?id=CVE-2015-0868
Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI shiromuku(bu2)BBS before 2.91 allows remote attackers to execute arbitrary code by uploading an executable file. Vulnerabilidad de la subida de ficheros sin restricciones en Mrs. Shiromuku Perl CGI shiromuku(bu2)BBS anterior a 2.91 permite a atacantes remotos ejecutar código arbitrario mediante la subida de un fichero ejecutable. • http://jvn.jp/en/jp/JVN94502417/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000008 http://www.t-okada.com/cgi-bin/sb2_data/sb2_data_news.cgi?action=data_list&cat=16#495 •