Vulnerabilities > Futomi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-08 | CVE-2018-0514 | OS Command Injection vulnerability in Futomi MP Form Mail CGI MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | 10.0 |
| 2016-06-05 | CVE-2016-1212 | Path Traversal vulnerability in Futomi MP Form Mail CGI 3.2.3 Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors. | 4.0 |
| 2015-03-21 | CVE-2015-0898 | Code Injection vulnerability in Futomi MP Form Mail CGI futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows allows remote attackers to execute arbitrary Perl code via unspecified vectors. | 7.5 |
| 2010-09-13 | CVE-2010-2366 | Cross-Site Scripting vulnerability in Futomi Access Analyzer CGI Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access Analyzer CGI Professional, and Standard 4.0.2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2009-04-01 | CVE-2009-1206 | Privilege Escalation vulnerability in Access Analyzer CGI Unspecified vulnerability in futomi's CGI Cafe Access Analyzer CGI Professional Version 4.11.5 and earlier allows remote attackers to gain administrative privileges via unknown vectors. | 7.5 |
| 2009-03-19 | CVE-2009-0971 | Cross-Site Scripting vulnerability in Futomi Access Analyzer CGI Cross-site scripting (XSS) vulnerability in futomi's CGI Cafe Access Analyzer CGI Standard Version 3.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
| 2009-03-19 | CVE-2009-0962 | Security Bypass vulnerability in Futomi's CGI Cafe MP Form Mail CGI Unspecified vulnerability in Futomi's CGI Cafe MP Form Mail CGI eCommerce 1.3.0 and earlier, and CGI Professional 3.2.2 and earlier, allows remote attackers to gain administrative privileges via unknown attack vectors. | 7.5 |
| 2009-01-02 | CVE-2008-5809 | Improper Authentication vulnerability in Futomi Access Analyzer CGI futomi CGI Cafe Access Analyzer CGI Standard 4.0.1 and earlier and Access Analyzer CGI Professional 4.11.3 and earlier use a predictable session id, which makes it easier for remote attackers to hijack sessions, and obtain sensitive information about analysis results, via a modified id. | 5.8 |