Search criteria
12 vulnerabilities found for transmitmail by dounokouno
FKIE_CVE-2022-22146
Vulnerability from fkie_nvd - Published: 2022-02-08 11:15 - Updated: 2024-11-21 06:46
Severity ?
Summary
Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dounokouno | transmitmail | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2EA8DD-DBB0-4D42-A490-079F665B495A",
"versionEndIncluding": "2.6.1",
"versionStartIncluding": "2.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site scripting en TransmitMail versiones 2.5.0 a 2.6.1, permite a un atacante remoto no autenticado inyectar un script arbitrario por medio de vectores no especificados"
}
],
"id": "CVE-2022-22146",
"lastModified": "2024-11-21T06:46:15.230",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-08T11:15:08.127",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-21193
Vulnerability from fkie_nvd - Published: 2022-02-08 11:15 - Updated: 2024-11-21 06:44
Severity ?
Summary
Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dounokouno | transmitmail | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2EA8DD-DBB0-4D42-A490-079F665B495A",
"versionEndIncluding": "2.6.1",
"versionStartIncluding": "2.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors."
},
{
"lang": "es",
"value": "Una vulnerabilidad de salto de directorio en TransmitMail versiones 2.5.0 a 2.6.1, permite a un atacante remoto no autenticado obtener un archivo arbitrario en el servidor por medio de vectores no especificados"
}
],
"id": "CVE-2022-21193",
"lastModified": "2024-11-21T06:44:04.347",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-02-08T11:15:07.917",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0911
Vulnerability from fkie_nvd - Published: 2015-04-24 01:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dounokouno | transmitmail | 1.0.11 | |
| dounokouno | transmitmail | 1.1.0 | |
| dounokouno | transmitmail | 1.1.1 | |
| dounokouno | transmitmail | 1.1.2 | |
| dounokouno | transmitmail | 1.1.3 | |
| dounokouno | transmitmail | 1.1.4 | |
| dounokouno | transmitmail | 1.2.0 | |
| dounokouno | transmitmail | 1.2.1 | |
| dounokouno | transmitmail | 1.3.0 | |
| dounokouno | transmitmail | 1.3.1 | |
| dounokouno | transmitmail | 1.4.0 | |
| dounokouno | transmitmail | 1.4.1 | |
| dounokouno | transmitmail | 1.4.2 | |
| dounokouno | transmitmail | 1.5.0 | |
| dounokouno | transmitmail | 1.5.1 | |
| dounokouno | transmitmail | 1.5.2 | |
| dounokouno | transmitmail | 1.5.3 | |
| dounokouno | transmitmail | 1.5.4 | |
| dounokouno | transmitmail | 1.5.5 | |
| dounokouno | transmitmail | 1.5.6 | |
| dounokouno | transmitmail | 1.5.7 | |
| dounokouno | transmitmail | 1.5.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "98F0DED8-0655-45A2-88F6-A8674698FA07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE43C2C9-A576-469C-9CE6-1DFED80C4FD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A8D24F-2C2B-4B3A-A5B6-688B533DA63C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA36C32-F71A-49CF-B847-08B36A673151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043BA0EE-3221-40D0-B550-1C5EEF48411A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B92BDA13-7FC7-4E98-93F7-F9BF71189056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D518B16A-DF7B-4D57-972A-2AFA5592A53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB908B-5953-499C-AF72-C3A3678D534A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D6AF884-6EC4-4E13-BBFA-C39583EC6E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5981120B-B35E-4267-A335-A07FB490ED8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "335EB0FD-F305-48A5-856C-6E31AF4C3176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "437CB136-9016-486F-9A6C-1EBE36282FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74386143-3136-479C-BEAC-21AF91FD54E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0012F5DB-DBEC-4FE5-9DE7-BF797E25380E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "272690F5-21E5-43EF-BE04-1584C714B576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "28321C0A-A76B-4BCC-AA48-0CD8CDFD7A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "41322543-2438-48EB-BBC5-1FBC81DEC033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B119E334-08B9-4B9D-A6C1-CBDF48B16164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA7636D-4554-48BA-94D1-9F64A9A779F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4917CAA-1C0B-4226-9663-8F23B026218B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "28C7DF8F-ECAA-49F5-AD56-9615AA560C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C138F9A0-8827-4E60-8156-74472539C453",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en TAGAWA Takao TransmitMail 1.0.11 hasta 1.5.8 permite a atacantes remotos leer ficheros arbitrarios a trav\u00e9s de vectores relacionados con el manejo de adjuntos."
}
],
"id": "CVE-2015-0911",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-24T01:59:01.613",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN41653647/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN41653647/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000055"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2015-0910
Vulnerability from fkie_nvd - Published: 2015-04-24 01:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| dounokouno | transmitmail | 1.0.11 | |
| dounokouno | transmitmail | 1.1.0 | |
| dounokouno | transmitmail | 1.1.1 | |
| dounokouno | transmitmail | 1.1.2 | |
| dounokouno | transmitmail | 1.1.3 | |
| dounokouno | transmitmail | 1.1.4 | |
| dounokouno | transmitmail | 1.2.0 | |
| dounokouno | transmitmail | 1.2.1 | |
| dounokouno | transmitmail | 1.3.0 | |
| dounokouno | transmitmail | 1.3.1 | |
| dounokouno | transmitmail | 1.4.0 | |
| dounokouno | transmitmail | 1.4.1 | |
| dounokouno | transmitmail | 1.4.2 | |
| dounokouno | transmitmail | 1.5.0 | |
| dounokouno | transmitmail | 1.5.1 | |
| dounokouno | transmitmail | 1.5.2 | |
| dounokouno | transmitmail | 1.5.3 | |
| dounokouno | transmitmail | 1.5.4 | |
| dounokouno | transmitmail | 1.5.5 | |
| dounokouno | transmitmail | 1.5.6 | |
| dounokouno | transmitmail | 1.5.7 | |
| dounokouno | transmitmail | 1.5.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "98F0DED8-0655-45A2-88F6-A8674698FA07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE43C2C9-A576-469C-9CE6-1DFED80C4FD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A8D24F-2C2B-4B3A-A5B6-688B533DA63C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2FA36C32-F71A-49CF-B847-08B36A673151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "043BA0EE-3221-40D0-B550-1C5EEF48411A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B92BDA13-7FC7-4E98-93F7-F9BF71189056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D518B16A-DF7B-4D57-972A-2AFA5592A53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "12DB908B-5953-499C-AF72-C3A3678D534A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D6AF884-6EC4-4E13-BBFA-C39583EC6E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5981120B-B35E-4267-A335-A07FB490ED8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "335EB0FD-F305-48A5-856C-6E31AF4C3176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "437CB136-9016-486F-9A6C-1EBE36282FC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74386143-3136-479C-BEAC-21AF91FD54E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0012F5DB-DBEC-4FE5-9DE7-BF797E25380E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "272690F5-21E5-43EF-BE04-1584C714B576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "28321C0A-A76B-4BCC-AA48-0CD8CDFD7A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "41322543-2438-48EB-BBC5-1FBC81DEC033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B119E334-08B9-4B9D-A6C1-CBDF48B16164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8CA7636D-4554-48BA-94D1-9F64A9A779F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C4917CAA-1C0B-4226-9663-8F23B026218B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "28C7DF8F-ECAA-49F5-AD56-9615AA560C3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:dounokouno:transmitmail:1.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C138F9A0-8827-4E60-8156-74472539C453",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en TAGAWA Takao TransmitMail 1.0.11 hasta 1.5.8 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de un nombre de ficheros manipulado."
}
],
"id": "CVE-2015-0910",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-04-24T01:59:00.083",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN26860747/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN26860747/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000054"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-22146 (GCVE-0-2022-22146)
Vulnerability from cvelistv5 – Published: 2022-02-08 10:30 – Updated: 2024-08-03 03:07
VLAI?
Summary
Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TAGAWA Takao | TransmitMail |
Affected:
2.5.0 to 2.6.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:48.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TransmitMail",
"vendor": "TAGAWA Takao",
"versions": [
{
"status": "affected",
"version": "2.5.0 to 2.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-08T10:30:41",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-22146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TransmitMail",
"version": {
"version_data": [
{
"version_value": "2.5.0 to 2.6.1"
}
]
}
}
]
},
"vendor_name": "TAGAWA Takao"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/",
"refsource": "MISC",
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"name": "https://jvn.jp/en/jp/JVN70100915/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-22146",
"datePublished": "2022-02-08T10:30:41",
"dateReserved": "2022-01-21T00:00:00",
"dateUpdated": "2024-08-03T03:07:48.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21193 (GCVE-0-2022-21193)
Vulnerability from cvelistv5 – Published: 2022-02-08 10:30 – Updated: 2024-08-03 02:31
VLAI?
Summary
Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Directory traversal
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TAGAWA Takao | TransmitMail |
Affected:
2.5.0 to 2.6.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:59.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TransmitMail",
"vendor": "TAGAWA Takao",
"versions": [
{
"status": "affected",
"version": "2.5.0 to 2.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-08T10:30:34",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-21193",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TransmitMail",
"version": {
"version_data": [
{
"version_value": "2.5.0 to 2.6.1"
}
]
}
}
]
},
"vendor_name": "TAGAWA Takao"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/",
"refsource": "MISC",
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"name": "https://jvn.jp/en/jp/JVN70100915/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-21193",
"datePublished": "2022-02-08T10:30:34",
"dateReserved": "2022-01-21T00:00:00",
"dateUpdated": "2024-08-03T02:31:59.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0911 (GCVE-0-2015-0911)
Vulnerability from cvelistv5 – Published: 2015-04-24 01:00 – Updated: 2024-08-06 04:26
VLAI?
Summary
Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2015-000055",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000055"
},
{
"name": "JVN#41653647",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN41653647/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-24T01:57:00",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2015-000055",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000055"
},
{
"name": "JVN#41653647",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN41653647/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-0911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2015-000055",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000055"
},
{
"name": "JVN#41653647",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN41653647/index.html"
},
{
"name": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/",
"refsource": "CONFIRM",
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0911",
"datePublished": "2015-04-24T01:00:00",
"dateReserved": "2015-01-08T00:00:00",
"dateUpdated": "2024-08-06T04:26:11.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0910 (GCVE-0-2015-0910)
Vulnerability from cvelistv5 – Published: 2015-04-24 01:00 – Updated: 2024-08-06 04:26
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2015-000054",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000054"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
},
{
"name": "JVN#26860747",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN26860747/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-24T01:57:00",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2015-000054",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000054"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
},
{
"name": "JVN#26860747",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN26860747/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-0910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2015-000054",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000054"
},
{
"name": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/",
"refsource": "CONFIRM",
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
},
{
"name": "JVN#26860747",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN26860747/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0910",
"datePublished": "2015-04-24T01:00:00",
"dateReserved": "2015-01-08T00:00:00",
"dateUpdated": "2024-08-06T04:26:11.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22146 (GCVE-0-2022-22146)
Vulnerability from nvd – Published: 2022-02-08 10:30 – Updated: 2024-08-03 03:07
VLAI?
Summary
Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TAGAWA Takao | TransmitMail |
Affected:
2.5.0 to 2.6.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:48.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TransmitMail",
"vendor": "TAGAWA Takao",
"versions": [
{
"status": "affected",
"version": "2.5.0 to 2.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-08T10:30:41",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-22146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TransmitMail",
"version": {
"version_data": [
{
"version_value": "2.5.0 to 2.6.1"
}
]
}
}
]
},
"vendor_name": "TAGAWA Takao"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to inject an arbitrary script via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/",
"refsource": "MISC",
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"name": "https://jvn.jp/en/jp/JVN70100915/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-22146",
"datePublished": "2022-02-08T10:30:41",
"dateReserved": "2022-01-21T00:00:00",
"dateUpdated": "2024-08-03T03:07:48.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-21193 (GCVE-0-2022-21193)
Vulnerability from nvd – Published: 2022-02-08 10:30 – Updated: 2024-08-03 02:31
VLAI?
Summary
Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- Directory traversal
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| TAGAWA Takao | TransmitMail |
Affected:
2.5.0 to 2.6.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:31:59.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "TransmitMail",
"vendor": "TAGAWA Takao",
"versions": [
{
"status": "affected",
"version": "2.5.0 to 2.6.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Directory traversal",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-08T10:30:34",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-21193",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "TransmitMail",
"version": {
"version_data": [
{
"version_value": "2.5.0 to 2.6.1"
}
]
}
}
]
},
"vendor_name": "TAGAWA Takao"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allows a remote unauthenticated attacker to obtain an arbitrary file on the server via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/",
"refsource": "MISC",
"url": "https://dounokouno.com/2022/01/25/about-the-vulnerability-of-transmitmail-v2-5-0-v2-6-1/"
},
{
"name": "https://jvn.jp/en/jp/JVN70100915/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/jp/JVN70100915/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-21193",
"datePublished": "2022-02-08T10:30:34",
"dateReserved": "2022-01-21T00:00:00",
"dateUpdated": "2024-08-03T02:31:59.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0911 (GCVE-0-2015-0911)
Vulnerability from nvd – Published: 2015-04-24 01:00 – Updated: 2024-08-06 04:26
VLAI?
Summary
Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2015-000055",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000055"
},
{
"name": "JVN#41653647",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN41653647/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-24T01:57:00",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2015-000055",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000055"
},
{
"name": "JVN#41653647",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN41653647/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-0911",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to read arbitrary files via vectors related to attachment handling."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2015-000055",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000055"
},
{
"name": "JVN#41653647",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN41653647/index.html"
},
{
"name": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/",
"refsource": "CONFIRM",
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0911",
"datePublished": "2015-04-24T01:00:00",
"dateReserved": "2015-01-08T00:00:00",
"dateUpdated": "2024-08-06T04:26:11.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0910 (GCVE-0-2015-0910)
Vulnerability from nvd – Published: 2015-04-24 01:00 – Updated: 2024-08-06 04:26
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.376Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2015-000054",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000054"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
},
{
"name": "JVN#26860747",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN26860747/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-04-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-24T01:57:00",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2015-000054",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000054"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
},
{
"name": "JVN#26860747",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN26860747/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-0910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote attackers to inject arbitrary web script or HTML via a crafted filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2015-000054",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000054"
},
{
"name": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/",
"refsource": "CONFIRM",
"url": "http://dounokouno.com/2015/04/20/transmitmail-%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6/"
},
{
"name": "JVN#26860747",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN26860747/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0910",
"datePublished": "2015-04-24T01:00:00",
"dateReserved": "2015-01-08T00:00:00",
"dateUpdated": "2024-08-06T04:26:11.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}