Open redirect vulnerability in WordPress Download Manager prior to version 2.9.51 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. Date published : 2017-07-07 https://plugins.trac.wordpress.org/changeset/1650075/ Download...
Cross-site scripting vulnerability in WordPress Download Manager prior to version 2.9.50 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2017-07-07 https://plugins.trac.wordpress.org/changeset/1650075/ Download Manager
Untrusted search path vulnerability in Installer of "Setup file of advance preparation" (jizen_setup.exe) (The version which was available on the website prior to 2017 June 12) allows an attacker to gain privileges via a...
Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an...
Cross-site scripting vulnerability in Source code security studying tool iCodeChecker allows an attacker to inject arbitrary web script or HTML via unspecified vectors. Date published : 2017-07-07 https://jvn.jp/en/jp/JVN25078144/index.html https://www.ipa.go.jp/security/vuln/iCodeChecker/
Untrusted search path vulnerability in Installer of Denshinouhin Check System (for Ministry of Agriculture, Forestry and Fisheries Nouson Seibi Jigyou) 2014 March Edition (Ver.9.0.001.001) [Updated on 2017 June 9], (Ver.8.0.001.001) [Updated on 2016 May...
HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI. Date published : 2017-07-07 http://www.securityfocus.com/bid/99282 https://www.au.com/information/notice_mobile/update/update-20170612-01/
HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI. Date published : 2017-07-07 http://www.securityfocus.com/bid/99282 https://www.au.com/information/notice_mobile/update/update-20170612-01/
Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI. Date published : 2017-07-07 http://www.securityfocus.com/bid/99282 https://www.au.com/information/notice_mobile/update/update-20170612-01/
HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings. Date published : 2017-07-07 http://www.securityfocus.com/bid/99282 https://www.au.com/information/notice_mobile/update/update-20170612-01/
Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Date published : 2017-07-07 https://support.cybozu.com/ja-jp/article/9909 https://jvn.jp/en/jp/JVN56588965/index.html
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.4 allows remote attackers to inject arbitrary web script or HTML via application menu. Date published : 2017-07-07 https://support.cybozu.com/ja-jp/article/9702 http://jvn.jp/en/jp/JVN43534286/index.html
Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform arbitrary operations via unspecified vectors. Date published : 2017-07-07 https://support.cybozu.com/ja-jp/article/9695 http://jvn.jp/en/jp/JVN43534286/index.html
Cybozu Garoon 3.0.0 to 4.2.4 may allow an attacker to lock another user’s file through a specially crafted page. Date published : 2017-07-07 https://support.cybozu.com/ja-jp/article/9648 http://jvn.jp/en/jp/JVN43534286/index.html