Refine your search
2 vulnerabilities found for MailPack by SKYARC System
jvndb-2011-000094
Vulnerability from jvndb
Published
2011-10-31 18:03
Modified
2011-11-08 17:38
Summary
Multiple SKYARC System Co., Ltd. products vulnerable to cross-site request forgery
Details
Multiple products provided by SKYARC System Co., Ltd. contain a cross-site request forgery vulnerability.
MTCMS and multiple Movable Type plugins provided by SKYARC System Co., Ltd. contain a cross-site request forgery vulnerability.
References
| Type | URL | |
|---|---|---|
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000094.html",
"dc:date": "2011-11-08T17:38+09:00",
"dcterms:issued": "2011-10-31T18:03+09:00",
"dcterms:modified": "2011-11-08T17:38+09:00",
"description": "Multiple products provided by SKYARC System Co., Ltd. contain a cross-site request forgery vulnerability.\r\n\r\nMTCMS and multiple Movable Type plugins provided by SKYARC System Co., Ltd. contain a cross-site request forgery vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000094.html",
"sec:cpe": [
{
"#text": "cpe:/a:skyarc:authoreffective",
"@product": "AuthorEffective",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:autotagging",
"@product": "AutoTagging",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:duplicateentry",
"@product": "DuplicateEntry",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:entryimexporter",
"@product": "EntryImExporter",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:mailpack",
"@product": "MailPack",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:mtcms",
"@product": "MTCMS",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:mtcms",
"@product": "MTCMS",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:multifileuploader",
"@product": "MultiFileUploader",
"@vendor": "SKYARC System",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2011-000094",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN56667137/index.html",
"@id": "JVN#56667137",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3994",
"@id": "CVE-2011-3994",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2011-3994",
"@id": "CVE-2011-3994",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-352",
"@title": "Cross-Site Request Forgery(CWE-352)"
}
],
"title": "Multiple SKYARC System Co., Ltd. products vulnerable to cross-site request forgery"
}
jvndb-2011-000093
Vulnerability from jvndb
Published
2011-10-31 17:54
Modified
2011-11-08 17:38
Summary
Multiple SKYARC System Co., Ltd. products fail to restrict access permissions
Details
Multiple products provided by SKYARC System Co., Ltd. contain an issue where access permissions are not restricted.
MTCMS and multiple Movable Type plugins provided by SKYARC System Co., Ltd. contain an issue where access permissions are not restricted.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000093.html",
"dc:date": "2011-11-08T17:38+09:00",
"dcterms:issued": "2011-10-31T17:54+09:00",
"dcterms:modified": "2011-11-08T17:38+09:00",
"description": "Multiple products provided by SKYARC System Co., Ltd. contain an issue where access permissions are not restricted.\r\n\r\nMTCMS and multiple Movable Type plugins provided by SKYARC System Co., Ltd. contain an issue where access permissions are not restricted.",
"link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000093.html",
"sec:cpe": [
{
"#text": "cpe:/a:skyarc:authoreffective",
"@product": "AuthorEffective",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:autotagging",
"@product": "AutoTagging",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:duplicateentry",
"@product": "DuplicateEntry",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:entryimexporter",
"@product": "EntryImExporter",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:mailpack",
"@product": "MailPack",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:mtcms",
"@product": "MTCMS",
"@vendor": "SKYARC System",
"@version": "2.2"
},
{
"#text": "cpe:/a:skyarc:multifileuploader",
"@product": "MultiFileUploader",
"@vendor": "SKYARC System",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "4.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2011-000093",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN41032068/index.html",
"@id": "JVN#41032068",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3993",
"@id": "CVE-2011-3993",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2011-3993",
"@id": "CVE-2011-3993",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-264",
"@title": "Permissions(CWE-264)"
}
],
"title": "Multiple SKYARC System Co., Ltd. products fail to restrict access permissions"
}