MidnightBSD

Advisories for futomi

CVE-2010-2366 MEDIUM

Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access Analyzer CGI Professional, and Standard 4.0.2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
futomi access_analyzer_cgi 1.0
futomi access_analyzer_cgi 4.0.1
futomi access_analyzer_cgi 2.4
futomi access_analyzer_cgi 1.5
futomi access_analyzer_cgi 3.8
futomi access_analyzer_cgi 2.0
futomi access_analyzer_cgi 3.2
futomi access_analyzer_cgi 3.8.1
futomi access_analyzer_cgi 4.0.0
futomi access_analyzer_cgi *
futomi access_analyzer_cgi 1.3
futomi access_analyzer_cgi 3.4
futomi access_analyzer_cgi 2.1
futomi access_analyzer_cgi 3.3
futomi access_analyzer_cgi 1.7
futomi access_analyzer_cgi 3.0
futomi access_analyzer_cgi 3.5
futomi access_analyzer_cgi 3.1
futomi access_analyzer_cgi 1.6
futomi access_analyzer_cgi 2.2
futomi access_analyzer_cgi 1.1
futomi access_analyzer_cgi 1.4
futomi access_analyzer_cgi 3.6
futomi access_analyzer_cgi 3.7
futomi access_analyzer_cgi 2.3
futomi access_analyzer_cgi 1.2
CVE-2015-0898 HIGH

futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows allows remote attackers to execute arbitrary Perl code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
futomi mp_form_mail_cgi 2.0.0
futomi mp_form_mail_cgi 2.0.12
futomi mp_form_mail_cgi 2.0.5
futomi mp_form_mail_cgi 2.0.1
futomi mp_form_mail_cgi 2.0.4
futomi mp_form_mail_cgi 2.0.6
futomi mp_form_mail_cgi 2.0.9
futomi mp_form_mail_cgi *
futomi mp_form_mail_cgi 2.0.2
futomi mp_form_mail_cgi 2.0.8
futomi mp_form_mail_cgi 2.0.3
futomi mp_form_mail_cgi 2.0.10
futomi mp_form_mail_cgi 2.0.7
CVE-2016-1212 MEDIUM

Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
futomi mp_form_mail_cgi *
CVE-2018-0514 HIGH

MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
futomi mp_form_mail_cgi *