|
268691
|
6.5 |
MEDIUM
Network
|
cybozu
|
office
|
customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service via unspecified vectors, a different vulnerability than CVE-2015-8489.
|
CWE-20
Improper Input Validation
|
CVE-2016-1153
|
2024-11-21 11:45 |
2016-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268692
|
5.4 |
MEDIUM
Network
|
cybozu
|
office
|
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions, and read or write to plan data, via unspecified vectors, a different vulnerability than CV…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2016-1152
|
2024-11-21 11:45 |
2016-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268693
|
8.8 |
HIGH
Network
|
cybozu
|
office
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu Office 9.9.0 through 10.3.0 allow remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2016-1151
|
2024-11-21 11:45 |
2016-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268694
|
6.1 |
MEDIUM
Network
|
cybozu
|
office
|
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than C…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1150
|
2024-11-21 11:45 |
2016-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268695
|
6.1 |
MEDIUM
Network
|
cybozu
|
office
|
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than C…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1149
|
2024-11-21 11:45 |
2016-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268696
|
7.5 |
HIGH
Network
|
nec
|
expresscluster_x
|
Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via u…
|
CWE-22
Path Traversal
|
CVE-2016-1145
|
2024-11-21 11:45 |
2016-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268697
|
5.4 |
MEDIUM
Network
|
websquare
|
job-cube
|
Cross-site scripting (XSS) vulnerability in JOB-CUBE -JOB WEB SYSTEM before 1.2.2 and -JOB WEB SYSTEM High Income 1.0.6 and earlier allows remote authenticated users to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1144
|
2024-11-21 11:45 |
2016-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268698
|
6.1 |
MEDIUM
Network
|
vine_mv_project
|
vine_mv
|
Cross-site scripting (XSS) vulnerability in main.rb in Vine MV before 2015-11-08 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1143
|
2024-11-21 11:45 |
2016-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268699
|
4.7 |
MEDIUM
Network
|
kddi
|
home_spot_cube_firmware
|
KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2016-1141
|
2024-11-21 11:45 |
2016-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268700
|
6.1 |
MEDIUM
Network
|
kddi
|
home_spot_cube_firmware
|
KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via unspecified vectors.
|
CWE-254
7PK - Security Features
|
CVE-2016-1140
|
2024-11-21 11:45 |
2016-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
