Refine your search

2 vulnerabilities found for FileMaker Server by Claris International Inc. (formerly FileMaker, Inc)

jvndb-2016-000063
Vulnerability from jvndb
Published
2016-05-13 14:27
Modified
2016-06-02 09:43
Severity ?
3.1 (Low) - cvssV3_0 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Summary
FileMaker server issue where PHP source code may be viewable
Details
FileMaker server contains an issue where PHP source code may be viewable when Custom Web Publishing with PHP is enabled. Atsushi Matsuo of Emic Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000063.html",
  "dc:date": "2016-06-02T09:43+09:00",
  "dcterms:issued": "2016-05-13T14:27+09:00",
  "dcterms:modified": "2016-06-02T09:43+09:00",
  "description": "FileMaker server contains an issue where PHP source code may be viewable when Custom Web Publishing with PHP is enabled.\r\n\r\nAtsushi Matsuo of Emic Corporation reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000063.html",
  "sec:cpe": {
    "#text": "cpe:/a:claris:filemaker_server",
    "@product": "FileMaker Server",
    "@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
    "@version": "2.2"
  },
  "sec:cvss": [
    {
      "@score": "2.6",
      "@severity": "Low",
      "@type": "Base",
      "@vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
      "@version": "2.0"
    },
    {
      "@score": "3.1",
      "@severity": "Low",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2016-000063",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN91638315/index.html",
      "@id": "JVN#91638315",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1208",
      "@id": "CVE-2016-1208",
      "@source": "CVE"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1208",
      "@id": "CVE-2016-1208",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-20",
      "@title": "Improper Input Validation(CWE-20)"
    }
  ],
  "title": "FileMaker server issue where PHP source code may be viewable"
}

jvndb-2007-000807
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Severity ?
() - -
Summary
FileMaker cross-site scripting vulnerability
Details
FileMaker from FileMaker, Inc. contains a cross-site scripting vulnerability. FileMaker is database software from FileMaker, Inc. FileMaker contains a cross-site scripting vulnerability in its "Instant Web Publishing" function that enables users to publish database contents on the web.
References
Impacted products
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000807.html",
  "dc:date": "2008-05-21T00:00+09:00",
  "dcterms:issued": "2008-05-21T00:00+09:00",
  "dcterms:modified": "2008-05-21T00:00+09:00",
  "description": "FileMaker from FileMaker, Inc. contains a cross-site scripting vulnerability.\r\n\r\nFileMaker is database software from FileMaker, Inc.\r\nFileMaker contains a cross-site scripting vulnerability in its \"Instant Web Publishing\" function that enables users to publish database contents on the web.",
  "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000807.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:claris:filemaker",
      "@product": "FileMaker",
      "@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:claris:filemaker_pro",
      "@product": "FileMaker Pro",
      "@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:claris:filemaker_server",
      "@product": "FileMaker Server",
      "@vendor": "Claris International Inc. (formerly FileMaker, Inc)",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "4.3",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2007-000807",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN55833292/index.html",
      "@id": "JVN#55833292",
      "@source": "JVN"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6104",
      "@id": "CVE-2007-6104",
      "@source": "CVE"
    },
    {
      "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6104",
      "@id": "CVE-2007-6104",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/27750",
      "@id": "SA27750",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/26515",
      "@id": "26515",
      "@source": "BID"
    },
    {
      "#text": "http://xforce.iss.net/xforce/xfdb/38600",
      "@id": "38600",
      "@source": "XF"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2007/3937",
      "@id": "FrSIRT/ADV-2007-3937",
      "@source": "FRSIRT"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-79",
      "@title": "Cross-site Scripting(CWE-79)"
    }
  ],
  "title": "FileMaker cross-site scripting vulnerability"
}