Refine your search
3 vulnerabilities found for La!coodaWIZ by System Consultants Co.,Ltd.
jvndb-2008-000049
Vulnerability from jvndb
Published
2008-09-02 17:03
Modified
2008-09-02 17:03
Summary
Vulnerability in La!cooda WIZ and LacoodaST allowing an arbitrary PHP script execution
Details
La!cooda WIZ and LacoodaST contain a vulnerability which may allow a malicious user to execute an arbitrary PHP script on the server.
La!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a vulnerability which may allow a malicious user to execute an arbitrary PHP script on the server.
Hirotaka Katagiri reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000049.html",
"dc:date": "2008-09-02T17:03+09:00",
"dcterms:issued": "2008-09-02T17:03+09:00",
"dcterms:modified": "2008-09-02T17:03+09:00",
"description": "La!cooda WIZ and LacoodaST contain a vulnerability which may allow a malicious user to execute an arbitrary PHP script on the server.\r\n\r\nLa!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a vulnerability which may allow a malicious user to execute an arbitrary PHP script on the server.\r\n\r\nHirotaka Katagiri reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000049.html",
"sec:cpe": [
{
"#text": "cpe:/a:spacetag:lacoodast",
"@product": "LacoodaST",
"@vendor": "SPACETAG INC.",
"@version": "2.2"
},
{
"#text": "cpe:/a:system_consultants:la_cooda_wiz",
"@product": "La!coodaWIZ",
"@vendor": "System Consultants Co.,Ltd.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.5",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-000049",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN53886050/index.html",
"@id": "JVN#53886050",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3737",
"@id": "CVE-2008-3737",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3737",
"@id": "CVE-2008-3737",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/31582",
"@id": "SA31582",
"@source": "SECUNIA"
},
{
"#text": "http://secunia.com/advisories/31574",
"@id": "SA31574",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/30791",
"@id": "30791",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/44594",
"@id": "44594",
"@source": "XF"
},
{
"#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000049.html",
"@id": "JVNDB-2008-000049",
"@source": "JVNDB_Ja"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-94",
"@title": "Code Injection(CWE-94)"
}
],
"title": "Vulnerability in La!cooda WIZ and LacoodaST allowing an arbitrary PHP script execution"
}
jvndb-2008-000048
Vulnerability from jvndb
Published
2008-09-02 17:02
Modified
2008-09-02 17:02
Summary
La!cooda WIZ and LacoodaST vulnerable to cross-site scripting
Details
La!cooda WIZ and LacoodaST contain a cross-site scripting vulnerability.
La!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a cross-site scripting vulnerability.
Hirotaka Katagiri reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
References
| Type | URL | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000048.html",
"dc:date": "2008-09-02T17:02+09:00",
"dcterms:issued": "2008-09-02T17:02+09:00",
"dcterms:modified": "2008-09-02T17:02+09:00",
"description": "La!cooda WIZ and LacoodaST contain a cross-site scripting vulnerability.\r\n\r\nLa!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a cross-site scripting vulnerability.\r\n\r\nHirotaka Katagiri reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000048.html",
"sec:cpe": [
{
"#text": "cpe:/a:spacetag:lacoodast",
"@product": "LacoodaST",
"@vendor": "SPACETAG INC.",
"@version": "2.2"
},
{
"#text": "cpe:/a:system_consultants:la_cooda_wiz",
"@product": "La!coodaWIZ",
"@vendor": "System Consultants Co.,Ltd.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-000048",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN52557009/index.html",
"@id": "JVN#52557009",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3739",
"@id": "CVE-2008-3739",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3739",
"@id": "CVE-2008-3739",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/31582",
"@id": "SA31582",
"@source": "SECUNIA"
},
{
"#text": "http://secunia.com/advisories/31574",
"@id": "SA31574",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/30791",
"@id": "30791",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/44593",
"@id": "44593",
"@source": "XF"
},
{
"#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000048.html",
"@id": "JVNDB-2008-000048",
"@source": "JVNDB_Ja"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "La!cooda WIZ and LacoodaST vulnerable to cross-site scripting"
}
jvndb-2008-000046
Vulnerability from jvndb
Published
2008-09-02 16:58
Modified
2008-09-02 16:58
Summary
La!cooda WIZ and LacoodaST vulnerable to cross-site request forgery
Details
La!cooda WIZ and LacoodaST contain a cross-site request forgery vulnerability.
La!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a cross-site request forgery vulnerability.
Hirotaka Katagiri reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
References
| Type | URL | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000046.html",
"dc:date": "2008-09-02T16:58+09:00",
"dcterms:issued": "2008-09-02T16:58+09:00",
"dcterms:modified": "2008-09-02T16:58+09:00",
"description": "La!cooda WIZ and LacoodaST contain a cross-site request forgery vulnerability. \r\n\r\nLa!cooda WIZ from System Consultants Co., Ltd. and LacoodaST from SpaceTag, Inc. are groupware providing schedule and task managements, etc. La!cooda WIZ and LacoodaST contain a cross-site request forgery vulnerability. \r\n\r\nHirotaka Katagiri reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000046.html",
"sec:cpe": [
{
"#text": "cpe:/a:spacetag:lacoodast",
"@product": "LacoodaST",
"@vendor": "SPACETAG INC.",
"@version": "2.2"
},
{
"#text": "cpe:/a:system_consultants:la_cooda_wiz",
"@product": "La!coodaWIZ",
"@vendor": "System Consultants Co.,Ltd.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-000046",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN83428818/index.html",
"@id": "JVN#83428818",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3736",
"@id": "CVE-2008-3736",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3736",
"@id": "CVE-2008-3736",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/31582",
"@id": "SA31582",
"@source": "SECUNIA"
},
{
"#text": "http://secunia.com/advisories/31574",
"@id": "SA31574",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/30791",
"@id": "30791",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/44592",
"@id": "44592",
"@source": "XF"
},
{
"#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-000046.html",
"@id": "JVNDB-2008-000046",
"@source": "JVNDB_Ja"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-352",
"@title": "Cross-Site Request Forgery(CWE-352)"
}
],
"title": "La!cooda WIZ and LacoodaST vulnerable to cross-site request forgery"
}