Search criteria
24 vulnerabilities found for namazu by namazu
FKIE_CVE-2011-4711
Vulnerability from fkie_nvd - Published: 2011-12-08 19:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:rc3:*:*:*:*:*:*",
"matchCriteriaId": "647040BF-8800-406B-870A-3FA2AF972E54",
"versionEndIncluding": "2.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED6AA51-FAF2-462F-8C7D-4BC7138C552D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75571060-1953-4C8F-83A0-804618CB101A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0F99DF35-76D9-49F6-A69F-0A7C23163146",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D71EFDED-EBAB-43B3-A8B3-BD0C36D33470",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4F3040D0-809A-47C6-BA23-5B29FB1E19F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCCDF60-6F98-4753-B3F0-FA73BE089462",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77EDE590-3BA5-4930-8733-0CE3A8DE84CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A51A084F-E73B-4339-9D07-74ED21991755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB24B37-8C3B-4351-BBF7-DBCDAB8D4CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4B0902F-BF0B-4CA2-A5DD-9DCCBFD3ACBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A118BAB-B300-4442-9790-CEDC1F22A04C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD58F5BF-B770-430D-9440-22FDCC3B7C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54583C9C-480A-4024-803F-DAE339CD6ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "86D29749-1E41-4C6A-AE91-E24419832A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F56924D-049D-4BE1-8CE8-8FB43D6F0EFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3941646A-CC93-4318-A892-4CDD0CCCDE59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8D61E65F-BC0C-4DF1-8B6A-FF8B83D58E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.4a:*:*:*:*:*:*:*",
"matchCriteriaId": "C7977CFD-BE97-4347-9AD5-8A5DA41FE9D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.0.4b:*:*:*:*:*:*:*",
"matchCriteriaId": "B41DC8AE-4D32-456A-8800-C6B68DCEF41B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF9D1A68-9980-4259-80F3-AE66F0046028",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "B4ABD1BC-BB87-44D9-9297-9F3B08C0998A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA26197-2BF7-4F2A-B8B7-3029E14E649E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "417C4C57-EC28-4454-AF4E-BC9BD1BCC3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "43E392EC-B137-4146-AA4C-B0B6239D129D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3E89D545-F9A0-4FA4-9C2E-602F6C27AC19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1541C341-F25C-4299-B6B3-A6604D877512",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "20F3AF09-AE3A-4BB4-A815-EA873926C11C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "34127CEC-68C4-4339-96AA-F88764E42916",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4EFE49F2-820F-49F4-891B-05FD874E2EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DDEB067-EFE8-4B3E-83C7-7AFE44A1210B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8C4014-553D-43B9-81A3-8C461CD282F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "84D13743-91B5-46B2-8E29-77E1C5B4AEC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48C510B7-C653-47BC-890B-23D19DA57948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3169073-F2D2-42E7-A54A-6A576CB26FC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD5F6C2-B112-46A4-9519-57D3063C60A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0454EB1A-F893-4A19-A782-A50BFEB0D10E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "68F32FE9-0929-42BF-839B-95755C599A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EB488A-475D-443D-AD1C-D933FE5450F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.0.5:beta2:*:*:*:*:*:*",
"matchCriteriaId": "D8EFDF9F-2696-49B6-8BE3-17AC91FB8FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta10:*:*:*:*:*:*",
"matchCriteriaId": "BC76135E-22F3-4BE4-8018-20ADB47E8716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta11:*:*:*:*:*:*",
"matchCriteriaId": "E8FB7F11-6C58-4841-876B-CF81E10388FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta12:*:*:*:*:*:*",
"matchCriteriaId": "00E7E029-C623-4EC6-AD3A-81D39E7148CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta13:*:*:*:*:*:*",
"matchCriteriaId": "68AAAE67-6C4D-4F67-BC52-370A3C5DD1F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "93C53A17-1A82-41BF-B3DA-7E683C3C3145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "33ECA260-54B9-41CC-A930-C0E5B4FD1E9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "0D9C7A66-C7CB-44CF-A77E-E1646FF225F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "F837573C-5A04-4B45-A1F7-D5913D482578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.2.1.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "3B94F15C-63A6-4751-8ADD-50E032BCA8A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9255B365-7271-4D25-AAEA-3BF85324BFD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "D0688B5C-EC2D-452B-8911-E84FAC131963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta10:*:*:*:*:*:*",
"matchCriteriaId": "D022F695-727E-4CF9-BFE4-801D12C90FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta11:*:*:*:*:*:*",
"matchCriteriaId": "639D8490-46A9-4BD8-90C1-2B7B4D9144C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta12:*:*:*:*:*:*",
"matchCriteriaId": "6A2E4079-F036-4F6A-AB4C-37F2B3EBCF76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta13:*:*:*:*:*:*",
"matchCriteriaId": "4C386377-286E-4539-B1F1-37CE267D109C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "1AF30437-19F6-420C-9DEC-AC6D422A78AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "1C5C79E4-C1C9-458F-B321-8977B2AD7507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "B8F92354-4323-4986-9DBA-FF0148CB2426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "E79C5C51-35D6-4453-B60B-BDBD142A1B45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "6E6CA0EC-B8AD-4E60-AD79-9B689D7249C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "E9EE4A36-0B53-4BAA-842F-CBC26BB9224E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "A71EAF55-962F-4A64-BD5F-133F2758001E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "7E3B5823-9C2A-47AF-AECE-F2B0411FEDB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "60ADCB9F-C1E6-4364-A2C2-5DECF6D71EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.1:beta1:*:*:*:*:*:*",
"matchCriteriaId": "7E52FE67-FD0E-4A39-9102-8CA4D05E054B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E3076B-BF75-4781-9C72-93B49CEC0439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "4C77A20A-756E-4A11-9193-452B5547B69A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha10:*:*:*:*:*:*",
"matchCriteriaId": "54EEBEEE-94C0-4E2B-9D58-427F5FB62FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha11:*:*:*:*:*:*",
"matchCriteriaId": "D16BC6EC-0161-4D83-83D5-65FA505E4339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "C36AA4D5-0427-4A6D-BFC4-E5E68CBB02D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "B627CB30-F161-474E-AC66-1E8DD133356F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "522F4743-636D-40E7-AFF9-034E68FBA74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "19489F29-F621-45FF-8810-54F2413C05C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "95676E74-A204-4FD1-B5A5-87F9DF9B6E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha7:*:*:*:*:*:*",
"matchCriteriaId": "D5B4F1EF-2223-4606-B9D4-B8ADFBF05639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha8:*:*:*:*:*:*",
"matchCriteriaId": "240351EC-3746-4C54-883F-4D21FCAC5A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.1.0:alpha9:*:*:*:*:*:*",
"matchCriteriaId": "C4E98888-8ABC-42C7-BE63-659E0354537E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "5E006BEC-AACC-41AB-8104-254F82AFEF9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "33FC9475-5F83-4790-876E-BE88079AF3F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "9C9C23AB-D29E-479B-B86A-86137360C8F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "DC127763-919D-43C4-B4AC-B10E4F01589D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha5:*:*:*:*:*:*",
"matchCriteriaId": "272B3D4E-E195-45C9-8734-8B0F610AE70D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha6:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2FAF-085F-49B7-9BEC-6415E6FE6664",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:alpha7:*:*:*:*:*:*",
"matchCriteriaId": "D406BABF-2507-4D82-9606-0DF0C14D2C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "79C27BE4-317C-4475-84DE-E53D0D8FBBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "F81A55FB-7449-43D4-B76C-14B34F06C25C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "1CBB07DF-E579-452E-94C6-F4B38BDAD327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "5E1C7A14-88A1-44CE-A1C9-A02D8DA9E388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta5:*:*:*:*:*:*",
"matchCriteriaId": "B045FAD4-11AF-4ED8-A99F-022247DCEFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta6:*:*:*:*:*:*",
"matchCriteriaId": "98C1182D-17B4-4A9C-91FE-6DE55C7E975F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta7:*:*:*:*:*:*",
"matchCriteriaId": "8172FBA0-3C33-45F3-B688-73918AC280D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.4.0.0:beta8:*:*:*:*:*:*",
"matchCriteriaId": "EF12E60A-45F7-4F0C-BB47-72460F4AEAA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9E6345-F6AF-4AC4-B9A5-54EDAB3E49CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "53E1A065-5E2B-42B0-813F-F1A750099BF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F17EB317-5BCF-4756-8F1E-FD3303BBC662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CD212F26-EB20-45BC-BF9D-AB5B5FCF72FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC21E6A1-B191-415C-8E6C-03DF9ED40323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4BAB0EA-8AB0-413D-B039-7C5D59C33B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3F986C7F-6FC5-4420-B56B-DEAF39F74B20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:pre1:*:*:*:*:*:*",
"matchCriteriaId": "828FB8F9-6A58-42E3-8806-1A2923C5039D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:pre2:*:*:*:*:*:*",
"matchCriteriaId": "B3F03670-7A88-456A-86F7-5B56AC6D75A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:pre3:*:*:*:*:*:*",
"matchCriteriaId": "110C3AC4-8063-4303-8B29-D5BD3639E727",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "BF297FF5-4D06-46E6-A394-3F497B2D0C4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc2:*:*:*:*:*:*",
"matchCriteriaId": "DEE982F4-4C18-4665-B14A-528728E26D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc3:*:*:*:*:*:*",
"matchCriteriaId": "6C1FA5C0-18E0-4B69-9964-7DCA62045CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3616525D-3D21-4B02-964E-23A0F36E0A87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc5:*:*:*:*:*:*",
"matchCriteriaId": "6368A560-9837-425A-8999-E17E474F6855",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc6:*:*:*:*:*:*",
"matchCriteriaId": "80E4D352-3CA3-4954-BFED-BF7F534B0279",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.6:rc7:*:*:*:*:*:*",
"matchCriteriaId": "085D4514-0EDD-4A7F-9150-4D8B6187F98D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DEE8D199-8F49-478E-B5A7-4901F11446FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.7:pre1:*:*:*:*:*:*",
"matchCriteriaId": "62CAA242-D414-4B36-B920-95153E8513F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.7:pre2:*:*:*:*:*:*",
"matchCriteriaId": "37D5F95A-D44B-4719-9B7A-8AD9BB9F7C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.7:pre3:*:*:*:*:*:*",
"matchCriteriaId": "4AC0D8BD-6F6C-4F1E-B0A9-76ED623665D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "694F5F25-3A11-47C8-9007-B9E6BEFAC0ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.8:pre1:*:*:*:*:*:*",
"matchCriteriaId": "6F53ADBF-0064-49C6-AAA5-C3D67D288C43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "68E61791-8FFC-4352-9239-E9385F295688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8D3B4FCB-5BFE-424C-9499-4549FC571BC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8F327931-C7FE-41B4-8D2C-27B1D8B8C6F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DD0C7C25-479C-42EE-A462-E9ADE97EFF17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4BEA3E27-ADF8-41E3-8E32-F7B05C90DDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "429D214D-1833-4B93-A496-BFCEF996987E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.11:pre1:*:*:*:*:*:*",
"matchCriteriaId": "8B124E14-2F62-466B-83DF-DD9FAEC030F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.11:pre2:*:*:*:*:*:*",
"matchCriteriaId": "1C66D997-1C5C-4245-AAFB-391A76A21E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.11:pre3:*:*:*:*:*:*",
"matchCriteriaId": "56C58C12-1172-4330-BBA8-AE9923308E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.11:pre4:*:*:*:*:*:*",
"matchCriteriaId": "43B6ED25-B499-405D-BCA5-2C2B8940C135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "71C4F1F4-53D0-4EE4-8F6C-171E9B43A942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre3:*:*:*:*:*:*",
"matchCriteriaId": "ACD71903-ABF4-4B6E-B8D2-5E4A470018B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre4:*:*:*:*:*:*",
"matchCriteriaId": "9B189415-ECC5-4D65-9B35-8E1F021765A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre5:*:*:*:*:*:*",
"matchCriteriaId": "E8E1665D-861E-4222-AE2B-B6A0BB640E11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre6:*:*:*:*:*:*",
"matchCriteriaId": "39C1262E-398E-4665-9BA9-773F015F9E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre7:*:*:*:*:*:*",
"matchCriteriaId": "C3B9F413-0083-4BFB-9B58-5A9100B50C25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:pre8:*:*:*:*:*:*",
"matchCriteriaId": "6E8B3AE7-5C21-4039-875B-1729461AC4C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0A177F30-0DDC-4F20-827D-50597880BA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FA5D24E0-2009-47A7-A3FB-F1F8AA51BACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "22106008-3B79-4A7F-A9B8-10A02D6C471B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "3015B051-6C82-4ED3-986F-C0E8857ED15B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8FB99CD9-3892-4F06-AE5A-66741CE8201F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:pre1:*:*:*:*:*:*",
"matchCriteriaId": "6D28CA51-03D6-4B0F-8ABE-056CD79622C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:pre2:*:*:*:*:*:*",
"matchCriteriaId": "903F925B-D6B3-43F4-B57E-40D718038B20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:pre3:*:*:*:*:*:*",
"matchCriteriaId": "5B44DFDC-4D3F-4F03-8D70-E7C7DDEC2921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:pre4:*:*:*:*:*:*",
"matchCriteriaId": "2A8EB959-1522-4EE3-B350-864CA8BFB3B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A25B292C-8476-4395-ADE8-EFBE01B5B0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17A338BB-ACBC-4F63-A44A-83E3758370B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:rc3:*:*:*:*:*:*",
"matchCriteriaId": "36D71068-D159-4231-A6FE-FD38D22F6D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2D7B6E95-933A-4254-9AB1-876A37D6D6E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:rc5:*:*:*:*:*:*",
"matchCriteriaId": "78847126-2207-4B1D-B395-36F81AEEF468",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.16:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17E25825-9873-44F7-AA8C-F3B2C621472A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de salto de directorio en namazu.cgi en Namazu antes de v2.0.16 permite a atacantes remotos leer archivos de su elecci\u00f3n a trav\u00e9s de ..(punto punto) en el par\u00e1metro (1) lang o (2) result"
}
],
"id": "CVE-2011-4711",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-12-08T19:55:05.890",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html#"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html#"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-4345
Vulnerability from fkie_nvd - Published: 2011-11-30 04:05 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| namazu | namazu | * | |
| namazu | namazu | 2.0 | |
| namazu | namazu | 2.0.2 | |
| namazu | namazu | 2.0.12 | |
| namazu | namazu | 2.0.13 | |
| namazu | namazu | 2.0.14 | |
| namazu | namazu | 2.0.15 | |
| namazu | namazu | 2.0.16 | |
| namazu | namazu | 2.0.17 | |
| namazu | namazu | 2.0.18 | |
| namazu | namazu | 2.0.19 | |
| microsoft | internet_explorer | 6 | |
| microsoft | internet_explorer | 7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DABD090-5AD7-4C71-915A-E5380FA9BC87",
"versionEndIncluding": "2.0.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9E6345-F6AF-4AC4-B9A5-54EDAB3E49CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F17EB317-5BCF-4756-8F1E-FD3303BBC662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "71C4F1F4-53D0-4EE4-8F6C-171E9B43A942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7E70426F-C511-4582-BF05-448CCFB52607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8FB99CD9-3892-4F06-AE5A-66741CE8201F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5AC101-DF8C-4517-9F46-64E4201D2D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD2D7C9-9A19-4122-B2EF-EF7F53AC58C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C77F8A22-1EF7-4C39-B220-0E459EB7E9C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "33892F22-3F37-4D0A-8108-215397470880",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados XSS en Namazu antes de v2.0.21, cuando se usa Internet Explorer 6 o 7, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de una cookie."
}
],
"id": "CVE-2011-4345",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-11-30T04:05:58.717",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46925"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html#cross-site-scripting"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/50771"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756348"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46925"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html#cross-site-scripting"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-5028
Vulnerability from fkie_nvd - Published: 2011-11-30 04:05 - Updated: 2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0CFC363B-2848-4DB3-9C1C-BCB4D595B8E8",
"versionEndIncluding": "2.0.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9E6345-F6AF-4AC4-B9A5-54EDAB3E49CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F17EB317-5BCF-4756-8F1E-FD3303BBC662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "71C4F1F4-53D0-4EE4-8F6C-171E9B43A942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7E70426F-C511-4582-BF05-448CCFB52607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8FB99CD9-3892-4F06-AE5A-66741CE8201F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5AC101-DF8C-4517-9F46-64E4201D2D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD2D7C9-9A19-4122-B2EF-EF7F53AC58C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "C77F8A22-1EF7-4C39-B220-0E459EB7E9C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en la pila en Namazu anterior a v2.0.20 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de peticiones manipuladas que contiene un campo de la URI vac\u00edo."
}
],
"id": "CVE-2009-5028",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-11-30T04:05:58.327",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.59.8.28\u0026r2=1.59.8.29\u0026sortby=log"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.77.2.8\u0026r2=1.77.2.9\u0026sortby=log"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.86\u0026r2=1.87\u0026sortby=log"
},
{
"source": "secalert@redhat.com",
"url": "http://www.namazu.org/security.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/50772"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756341"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "secalert@redhat.com",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.59.8.28\u0026r2=1.59.8.29\u0026sortby=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.77.2.8\u0026r2=1.77.2.9\u0026sortby=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.86\u0026r2=1.87\u0026sortby=log"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.namazu.org/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-1468
Vulnerability from fkie_nvd - Published: 2008-03-24 21:44 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7652498D-C86D-4457-AE11-99CD320DFCDA",
"versionEndIncluding": "2.0.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:1.3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2AAE7466-56A5-4FBF-8F28-F33150FA2713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7E9E6345-F6AF-4AC4-B9A5-54EDAB3E49CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F17EB317-5BCF-4756-8F1E-FD3303BBC662",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "71C4F1F4-53D0-4EE4-8F6C-171E9B43A942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "7E70426F-C511-4582-BF05-448CCFB52607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "8FB99CD9-3892-4F06-AE5A-66741CE8201F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5AC101-DF8C-4517-9F46-64E4201D2D9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en namazu.cgi de Namazu antes de 2.0.18 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de una entrada codificada con UTF-7, relacionada con un fallo al establecer el conjunto de caracteres, un vector distinto a CVE-2004-1318 y CVE-2001-1350. NOTA: alguno de estos detalles se han obtenido de informaci\u00f3n de terceros."
}
],
"id": "CVE-2008-1468",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-03-24T21:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29386"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29561"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/31687"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/39645"
},
{
"source": "cve@mitre.org",
"url": "http://www.namazu.org/security.html.en"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28380"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/31687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.namazu.org/security.html.en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-1318
Vulnerability from fkie_nvd - Published: 2005-01-06 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DEE8D199-8F49-478E-B5A7-4901F11446FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "694F5F25-3A11-47C8-9007-B9E6BEFAC0ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:namazu:namazu:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB42D2-C51A-4C2B-97DC-308246D7D853",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab (\"%09\") character, which prevents the rest of the query from being properly sanitized."
}
],
"id": "CVE-2004-1318",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13600"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"source": "cve@mitre.org",
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/12516"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/advisories/9028"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/12053"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/12516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/advisories/9028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2001-1352
Vulnerability from fkie_nvd - Published: 2001-12-27 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC217CB-23A3-457D-81B5-368B62F06E0E",
"versionEndIncluding": "2.0.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter."
}
],
"id": "CVE-2001-1352",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5691"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2001-1351
Vulnerability from fkie_nvd - Published: 2001-12-25 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B63CB3EF-BFDD-43A9-A997-7DB29F121EF0",
"versionEndIncluding": "2.0.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers."
}
],
"id": "CVE-2001-1351",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-12-25T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5690"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2001-1350
Vulnerability from fkie_nvd - Published: 2001-11-25 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:namazu:namazu:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57EAE8EC-B5E2-45A6-87C3-15A88AA384C8",
"versionEndIncluding": "2.0.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter."
}
],
"id": "CVE-2001-1350",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-11-25T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"source": "cve@mitre.org",
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2011-4711 (GCVE-0-2011-4711)
Vulnerability from cvelistv5 – Published: 2011-12-08 19:00 – Updated: 2024-08-07 00:16
VLAI?
Summary
Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html#"
},
{
"name": "namazu-namazu-directory-traversal(71489)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html#"
},
{
"name": "namazu-namazu-directory-traversal(71489)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.namazu.org/security.html#",
"refsource": "CONFIRM",
"url": "http://www.namazu.org/security.html#"
},
{
"name": "namazu-namazu-directory-traversal(71489)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4711",
"datePublished": "2011-12-08T19:00:00",
"dateReserved": "2011-12-08T00:00:00",
"dateUpdated": "2024-08-07T00:16:34.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5028 (GCVE-0-2009-5028)
Vulnerability from cvelistv5 – Published: 2011-11-30 02:00 – Updated: 2024-08-07 07:24
VLAI?
Summary
Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:53.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.59.8.28\u0026r2=1.59.8.29\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50772",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756341"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.77.2.8\u0026r2=1.77.2.9\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.86\u0026r2=1.87\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.59.8.28\u0026r2=1.59.8.29\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50772",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756341"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.77.2.8\u0026r2=1.77.2.9\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.86\u0026r2=1.87\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-5028",
"datePublished": "2011-11-30T02:00:00",
"dateReserved": "2010-12-09T00:00:00",
"dateUpdated": "2024-08-07T07:24:53.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4345 (GCVE-0-2011-4345)
Vulnerability from cvelistv5 – Published: 2011-11-30 02:00 – Updated: 2024-08-07 00:01
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:01:51.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756348"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50771",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50771"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html#cross-site-scripting"
},
{
"name": "46925",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46925"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756348"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50771",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50771"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html#cross-site-scripting"
},
{
"name": "46925",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46925"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4345",
"datePublished": "2011-11-30T02:00:00",
"dateReserved": "2011-11-04T00:00:00",
"dateUpdated": "2024-08-07T00:01:51.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1468 (GCVE-0-2008-1468)
Vulnerability from cvelistv5 – Published: 2008-03-24 21:00 – Updated: 2024-08-07 08:24
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMA02525",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SUSE-SR:2008:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "29561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29561"
},
{
"name": "31687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31687"
},
{
"name": "FEDORA-2008-2678",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"name": "HPSBMA02492",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "28380",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28380"
},
{
"name": "JVN#00892830",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"name": "FEDORA-2008-2767",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"name": "39645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39645"
},
{
"name": "namazu-character-encoding-xss(41360)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html.en"
},
{
"name": "29386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29386"
},
{
"name": "SSRT100083",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SSRT100079",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBMA02525",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SUSE-SR:2008:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "29561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29561"
},
{
"name": "31687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31687"
},
{
"name": "FEDORA-2008-2678",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"name": "HPSBMA02492",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "28380",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28380"
},
{
"name": "JVN#00892830",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"name": "FEDORA-2008-2767",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"name": "39645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39645"
},
{
"name": "namazu-character-encoding-xss(41360)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html.en"
},
{
"name": "29386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29386"
},
{
"name": "SSRT100083",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SSRT100079",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMA02525",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SUSE-SR:2008:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "29561",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29561"
},
{
"name": "31687",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31687"
},
{
"name": "FEDORA-2008-2678",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"name": "HPSBMA02492",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "28380",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28380"
},
{
"name": "JVN#00892830",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"name": "FEDORA-2008-2767",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"name": "39645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39645"
},
{
"name": "namazu-character-encoding-xss(41360)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"name": "http://www.namazu.org/security.html.en",
"refsource": "CONFIRM",
"url": "http://www.namazu.org/security.html.en"
},
{
"name": "29386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29386"
},
{
"name": "SSRT100083",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SSRT100079",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1468",
"datePublished": "2008-03-24T21:00:00",
"dateReserved": "2008-03-24T00:00:00",
"dateUpdated": "2024-08-07T08:24:42.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1318 (GCVE-0-2004-1318)
Vulnerability from cvelistv5 – Published: 2005-01-06 05:00 – Updated: 2024-08-08 00:46
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1012805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"name": "1012802",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"name": "DSA-627",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"name": "13600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13600"
},
{
"name": "namazu-tab-query-xss(18623)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"name": "12053",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12053"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "FEDORA-2004-557",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"name": "12516",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12516"
},
{
"name": "HPSBMA01212",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/9028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab (\"%09\") character, which prevents the rest of the query from being properly sanitized."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1012805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"name": "1012802",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"name": "DSA-627",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"name": "13600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13600"
},
{
"name": "namazu-tab-query-xss(18623)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"name": "12053",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12053"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "FEDORA-2004-557",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"name": "12516",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12516"
},
{
"name": "HPSBMA01212",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/advisories/9028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab (\"%09\") character, which prevents the rest of the query from being properly sanitized."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1012805",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"name": "1012802",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"name": "DSA-627",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"name": "13600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13600"
},
{
"name": "namazu-tab-query-xss(18623)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"name": "http://www.namazu.org/security.html.en#xss-tab",
"refsource": "CONFIRM",
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"name": "12053",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12053"
},
{
"name": "SUSE-SR:2005:001",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "FEDORA-2004-557",
"refsource": "FEDORA",
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"name": "http://jvn.jp/jp/JVN%23904429FE.html",
"refsource": "MISC",
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"name": "12516",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12516"
},
{
"name": "HPSBMA01212",
"refsource": "HP",
"url": "http://www.securityfocus.com/advisories/9028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1318",
"datePublished": "2005-01-06T05:00:00",
"dateReserved": "2005-01-03T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1351 (GCVE-0-2001-1351)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 04:51
VLAI?
Summary
Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5690",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5690"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5690",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5690"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2001:162",
"refsource": "REDHAT",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "linux-namazu-css(7875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5690",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5690"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1351",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-06-02T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1352 (GCVE-0-2001-1352)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 04:51
VLAI?
Summary
Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020109 Details on the updated namazu packages that are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5691"
},
{
"name": "20011227 Re: [RHSA-2001:162-04] Updated namazu packages are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"name": "RHSA-2001:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020109 Details on the updated namazu packages that are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5691"
},
{
"name": "20011227 Re: [RHSA-2001:162-04] Updated namazu packages are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"name": "RHSA-2001:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020109 Details on the updated namazu packages that are available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"name": "linux-namazu-css(7875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5691",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5691"
},
{
"name": "20011227 Re: [RHSA-2001:162-04] Updated namazu packages are available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"name": "RHSA-2001:179",
"refsource": "REDHAT",
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1352",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-06-02T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1350 (GCVE-0-2001-1350)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 04:51
VLAI?
Summary
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-07-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2001:162",
"refsource": "REDHAT",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html",
"refsource": "MISC",
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1350",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-06-02T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4711 (GCVE-0-2011-4711)
Vulnerability from nvd – Published: 2011-12-08 19:00 – Updated: 2024-08-07 00:16
VLAI?
Summary
Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:34.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html#"
},
{
"name": "namazu-namazu-directory-traversal(71489)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html#"
},
{
"name": "namazu-namazu-directory-traversal(71489)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4711",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in namazu.cgi in Namazu before 2.0.16 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) result parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.namazu.org/security.html#",
"refsource": "CONFIRM",
"url": "http://www.namazu.org/security.html#"
},
{
"name": "namazu-namazu-directory-traversal(71489)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71489"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4711",
"datePublished": "2011-12-08T19:00:00",
"dateReserved": "2011-12-08T00:00:00",
"dateUpdated": "2024-08-07T00:16:34.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5028 (GCVE-0-2009-5028)
Vulnerability from nvd – Published: 2011-11-30 02:00 – Updated: 2024-08-07 07:24
VLAI?
Summary
Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:24:53.775Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.59.8.28\u0026r2=1.59.8.29\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50772",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756341"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.77.2.8\u0026r2=1.77.2.9\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.86\u0026r2=1.87\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Namazu before 2.0.20 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted request containing an empty uri field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.59.8.28\u0026r2=1.59.8.29\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50772",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756341"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.77.2.8\u0026r2=1.77.2.9\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.namazu.org/namazu/src/result.c?sortdir=down\u0026r1=1.86\u0026r2=1.87\u0026sortby=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2009-5028",
"datePublished": "2011-11-30T02:00:00",
"dateReserved": "2010-12-09T00:00:00",
"dateUpdated": "2024-08-07T07:24:53.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4345 (GCVE-0-2011-4345)
Vulnerability from nvd – Published: 2011-11-30 02:00 – Updated: 2024-08-07 00:01
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:01:51.638Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756348"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50771",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50771"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html#cross-site-scripting"
},
{
"name": "46925",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46925"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7 is used, allows remote attackers to inject arbitrary web script or HTML via a cookie."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-16T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=756348"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "50771",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50771"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html#cross-site-scripting"
},
{
"name": "46925",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46925"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4345",
"datePublished": "2011-11-30T02:00:00",
"dateReserved": "2011-11-04T00:00:00",
"dateUpdated": "2024-08-07T00:01:51.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1468 (GCVE-0-2008-1468)
Vulnerability from nvd – Published: 2008-03-24 21:00 – Updated: 2024-08-07 08:24
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.804Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBMA02525",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SUSE-SR:2008:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "29561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29561"
},
{
"name": "31687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31687"
},
{
"name": "FEDORA-2008-2678",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"name": "HPSBMA02492",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "28380",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28380"
},
{
"name": "JVN#00892830",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"name": "FEDORA-2008-2767",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"name": "39645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39645"
},
{
"name": "namazu-character-encoding-xss(41360)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html.en"
},
{
"name": "29386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29386"
},
{
"name": "SSRT100083",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SSRT100079",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBMA02525",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SUSE-SR:2008:017",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "29561",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29561"
},
{
"name": "31687",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31687"
},
{
"name": "FEDORA-2008-2678",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"name": "HPSBMA02492",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "28380",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28380"
},
{
"name": "JVN#00892830",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"name": "FEDORA-2008-2767",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"name": "39645",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39645"
},
{
"name": "namazu-character-encoding-xss(41360)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html.en"
},
{
"name": "29386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29386"
},
{
"name": "SSRT100083",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SSRT100079",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi in Namazu before 2.0.18 allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input, related to failure to set the charset, a different vector than CVE-2004-1318 and CVE-2001-1350. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBMA02525",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SUSE-SR:2008:017",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html"
},
{
"name": "29561",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29561"
},
{
"name": "31687",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31687"
},
{
"name": "FEDORA-2008-2678",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00575.html"
},
{
"name": "HPSBMA02492",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
},
{
"name": "28380",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28380"
},
{
"name": "JVN#00892830",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2300892830/index.html"
},
{
"name": "FEDORA-2008-2767",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00654.html"
},
{
"name": "39645",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39645"
},
{
"name": "namazu-character-encoding-xss(41360)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41360"
},
{
"name": "http://www.namazu.org/security.html.en",
"refsource": "CONFIRM",
"url": "http://www.namazu.org/security.html.en"
},
{
"name": "29386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29386"
},
{
"name": "SSRT100083",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=127239985506823\u0026w=2"
},
{
"name": "SSRT100079",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02029444"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1468",
"datePublished": "2008-03-24T21:00:00",
"dateReserved": "2008-03-24T00:00:00",
"dateUpdated": "2024-08-07T08:24:42.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1318 (GCVE-0-2004-1318)
Vulnerability from nvd – Published: 2005-01-06 05:00 – Updated: 2024-08-08 00:46
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1012805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"name": "1012802",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"name": "DSA-627",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"name": "13600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13600"
},
{
"name": "namazu-tab-query-xss(18623)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"name": "12053",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12053"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "FEDORA-2004-557",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"name": "12516",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/12516"
},
{
"name": "HPSBMA01212",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://www.securityfocus.com/advisories/9028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab (\"%09\") character, which prevents the rest of the query from being properly sanitized."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1012805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"name": "1012802",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"name": "DSA-627",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"name": "13600",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13600"
},
{
"name": "namazu-tab-query-xss(18623)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"name": "12053",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12053"
},
{
"name": "SUSE-SR:2005:001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "FEDORA-2004-557",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"name": "12516",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/12516"
},
{
"name": "HPSBMA01212",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://www.securityfocus.com/advisories/9028"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab (\"%09\") character, which prevents the rest of the query from being properly sanitized."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1012805",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Jan/1012805.html"
},
{
"name": "1012802",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/alerts/2005/Jan/1012802.html"
},
{
"name": "DSA-627",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-627"
},
{
"name": "13600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13600"
},
{
"name": "namazu-tab-query-xss(18623)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18623"
},
{
"name": "http://www.namazu.org/security.html.en#xss-tab",
"refsource": "CONFIRM",
"url": "http://www.namazu.org/security.html.en#xss-tab"
},
{
"name": "12053",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12053"
},
{
"name": "SUSE-SR:2005:001",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_01_sr.html"
},
{
"name": "FEDORA-2004-557",
"refsource": "FEDORA",
"url": "http://www.linuxsecurity.com/content/view/117604/102/"
},
{
"name": "http://jvn.jp/jp/JVN%23904429FE.html",
"refsource": "MISC",
"url": "http://jvn.jp/jp/JVN%23904429FE.html"
},
{
"name": "12516",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/12516"
},
{
"name": "HPSBMA01212",
"refsource": "HP",
"url": "http://www.securityfocus.com/advisories/9028"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1318",
"datePublished": "2005-01-06T05:00:00",
"dateReserved": "2005-01-03T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1351 (GCVE-0-2001-1351)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 04:51
VLAI?
Summary
Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5690",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5690"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5690",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5690"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the index file name that is displayed when displaying hit numbers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2001:162",
"refsource": "REDHAT",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "linux-namazu-css(7875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5690",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5690"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1351",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-06-02T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1352 (GCVE-0-2001-1352)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 04:51
VLAI?
Summary
Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020109 Details on the updated namazu packages that are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5691"
},
{
"name": "20011227 Re: [RHSA-2001:162-04] Updated namazu packages are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"name": "RHSA-2001:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020109 Details on the updated namazu packages that are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"name": "linux-namazu-css(7875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5691"
},
{
"name": "20011227 Re: [RHSA-2001:162-04] Updated namazu packages are available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"name": "RHSA-2001:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute arbitrary Javascript as other web users via an error message that is returned when an invalid index file is specified in the idxname parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020109 Details on the updated namazu packages that are available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101068116016472\u0026w=2"
},
{
"name": "linux-namazu-css(7875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7875"
},
{
"name": "5691",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5691"
},
{
"name": "20011227 Re: [RHSA-2001:162-04] Updated namazu packages are available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=100947261916155\u0026w=2"
},
{
"name": "RHSA-2001:179",
"refsource": "REDHAT",
"url": "http://marc.info/?l=bugtraq\u0026m=101060476404565\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1352",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-06-02T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1350 (GCVE-0-2001-1350)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 04:51
VLAI?
Summary
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.131Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-07-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2001:162",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2001:162",
"refsource": "REDHAT",
"url": "http://marc.info/?l=bugtraq\u0026w=2\u0026r=1\u0026s=namazu\u0026q=b"
},
{
"name": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html",
"refsource": "MISC",
"url": "http://search.namazu.org/ml/namazu-devel-ja/msg02114.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1350",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-06-02T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}