MidnightBSD

Advisories for c-board_moyuku_project

CVE-2014-2002 MEDIUM

Cross-site scripting (XSS) vulnerability in C-BOARD Moyuku 1.01b6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
c-board_moyuku_project c-board_moyuku *
c-board_moyuku_project c-board_moyuku 1.01
CVE-2015-0877 HIGH

Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD Moyuku before 1.03b3 allows remote attackers to execute arbitrary code by uploading a file with a \0 character in its name.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
c-board_moyuku_project c-board_moyuku 1.02
c-board_moyuku_project c-board_moyuku *
c-board_moyuku_project c-board_moyuku 1.01
c-board_moyuku_project c-board_moyuku 1.03