MidnightBSD

Advisories for nishishi

CVE-2015-0870 MEDIUM

Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi Factory Fumy News Clipper 2.x before 2.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
nishishi fumy_news_clipper 2.0
nishishi fumy_news_clipper 2.4.0
nishishi fumy_news_clipper 2.1.0
nishishi fumy_news_clipper 2.3.0
nishishi fumy_news_clipper 2.2.0
CVE-2015-0900 MEDIUM

Cross-site scripting (XSS) vulnerability in schedule.cgi in Nishishi Factory Fumy Teacher's Schedule Board 1.10 through 2.21 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
nishishi fumy_teachers_schedule_board 2.10
nishishi fumy_teachers_schedule_board 2.21
nishishi fumy_teachers_schedule_board 1.10
nishishi fumy_teachers_schedule_board 2.00
nishishi fumy_teachers_schedule_board 2.20