Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    6 vulnerabilities by rocomotion

    CVE-2010-3931 (GCVE-0-2010-3931)

    Vulnerability from nvd – Published: 2011-01-20 18:00 – Updated: 2024-08-07 03:26
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and earlier, P up board 1.38 and other versions, P diary R 1.13 and earlier, P link 1.11 and earlier, P link compact 1.04 and earlier, pplog 3.31 and earlier, pplog2 3.37 and earlier, PM bbs 1.07 and earlier, PM up bbs 1.08 and earlier, and PM forum 1.18 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://jvn.jp/en/jp/JVN09115481/index.html third-party-advisoryx_refsource_JVN
    http://secunia.com/advisories/42957 third-party-advisoryx_refsource_SECUNIA
    http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-0… third-party-advisoryx_refsource_JVNDB
    http://www.securityfocus.com/bid/45838 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://another.rocomotion.jp/12949466953653.html x_refsource_CONFIRM
    http://osvdb.org/70495 vdb-entryx_refsource_OSVDB
    Date Public
    2011-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:26:12.154Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#09115481",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN09115481/index.html"
              },
              {
                "name": "42957",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42957"
              },
              {
                "name": "JVNDB-2011-000006",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVNDB",
                  "x_transferred"
                ],
                "url": "http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000006.html"
              },
              {
                "name": "45838",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/45838"
              },
              {
                "name": "rocomotion-unspecified-xss(64745)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64745"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://another.rocomotion.jp/12949466953653.html"
              },
              {
                "name": "70495",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/70495"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and earlier, P up board 1.38 and other versions, P diary R 1.13 and earlier, P link 1.11 and earlier, P link compact 1.04 and earlier, pplog 3.31 and earlier, pplog2 3.37 and earlier, PM bbs 1.07 and earlier, PM up bbs 1.08 and earlier, and PM forum 1.18 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#09115481",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN09115481/index.html"
            },
            {
              "name": "42957",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42957"
            },
            {
              "name": "JVNDB-2011-000006",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVNDB"
              ],
              "url": "http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000006.html"
            },
            {
              "name": "45838",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/45838"
            },
            {
              "name": "rocomotion-unspecified-xss(64745)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64745"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://another.rocomotion.jp/12949466953653.html"
            },
            {
              "name": "70495",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/70495"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2010-3931",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and earlier, P up board 1.38 and other versions, P diary R 1.13 and earlier, P link 1.11 and earlier, P link compact 1.04 and earlier, pplog 3.31 and earlier, pplog2 3.37 and earlier, PM bbs 1.07 and earlier, PM up bbs 1.08 and earlier, and PM forum 1.18 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#09115481",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN09115481/index.html"
                },
                {
                  "name": "42957",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42957"
                },
                {
                  "name": "JVNDB-2011-000006",
                  "refsource": "JVNDB",
                  "url": "http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000006.html"
                },
                {
                  "name": "45838",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/45838"
                },
                {
                  "name": "rocomotion-unspecified-xss(64745)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64745"
                },
                {
                  "name": "http://another.rocomotion.jp/12949466953653.html",
                  "refsource": "CONFIRM",
                  "url": "http://another.rocomotion.jp/12949466953653.html"
                },
                {
                  "name": "70495",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/70495"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2010-3931",
        "datePublished": "2011-01-20T18:00:00.000Z",
        "dateReserved": "2010-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:26:12.154Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4383 (GCVE-0-2009-4383)

    Vulnerability from nvd – Published: 2009-12-22 23:00 – Updated: 2024-09-16 18:23
    VLAI
    Summary
    Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-0… third-party-advisoryx_refsource_JVNDB
    http://jvn.jp/en/jp/JVN00152874/index.html third-party-advisoryx_refsource_JVN
    http://another.rocomotion.jp/12604561773482.html x_refsource_CONFIRM
    http://another.rocomotion.jp/12568911093444.html x_refsource_CONFIRM
    http://secunia.com/advisories/37691 third-party-advisoryx_refsource_SECUNIA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:01:20.495Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVNDB-2009-000084",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVNDB",
                  "x_transferred"
                ],
                "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000084.html"
              },
              {
                "name": "JVN#00152874",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN00152874/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://another.rocomotion.jp/12604561773482.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://another.rocomotion.jp/12568911093444.html"
              },
              {
                "name": "37691",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37691"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-12-22T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "JVNDB-2009-000084",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVNDB"
              ],
              "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000084.html"
            },
            {
              "name": "JVN#00152874",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN00152874/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://another.rocomotion.jp/12604561773482.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://another.rocomotion.jp/12568911093444.html"
            },
            {
              "name": "37691",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37691"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4383",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVNDB-2009-000084",
                  "refsource": "JVNDB",
                  "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000084.html"
                },
                {
                  "name": "JVN#00152874",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN00152874/index.html"
                },
                {
                  "name": "http://another.rocomotion.jp/12604561773482.html",
                  "refsource": "CONFIRM",
                  "url": "http://another.rocomotion.jp/12604561773482.html"
                },
                {
                  "name": "http://another.rocomotion.jp/12568911093444.html",
                  "refsource": "CONFIRM",
                  "url": "http://another.rocomotion.jp/12568911093444.html"
                },
                {
                  "name": "37691",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37691"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4383",
        "datePublished": "2009-12-22T23:00:00.000Z",
        "dateReserved": "2009-12-22T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:23:22.313Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-3931 (GCVE-0-2010-3931)

    Vulnerability from cvelistv5 – Published: 2011-01-20 18:00 – Updated: 2024-08-07 03:26
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and earlier, P up board 1.38 and other versions, P diary R 1.13 and earlier, P link 1.11 and earlier, P link compact 1.04 and earlier, pplog 3.31 and earlier, pplog2 3.37 and earlier, PM bbs 1.07 and earlier, PM up bbs 1.08 and earlier, and PM forum 1.18 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://jvn.jp/en/jp/JVN09115481/index.html third-party-advisoryx_refsource_JVN
    http://secunia.com/advisories/42957 third-party-advisoryx_refsource_SECUNIA
    http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-0… third-party-advisoryx_refsource_JVNDB
    http://www.securityfocus.com/bid/45838 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://another.rocomotion.jp/12949466953653.html x_refsource_CONFIRM
    http://osvdb.org/70495 vdb-entryx_refsource_OSVDB
    Date Public
    2011-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:26:12.154Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVN#09115481",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN09115481/index.html"
              },
              {
                "name": "42957",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42957"
              },
              {
                "name": "JVNDB-2011-000006",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVNDB",
                  "x_transferred"
                ],
                "url": "http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000006.html"
              },
              {
                "name": "45838",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/45838"
              },
              {
                "name": "rocomotion-unspecified-xss(64745)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64745"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://another.rocomotion.jp/12949466953653.html"
              },
              {
                "name": "70495",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/70495"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and earlier, P up board 1.38 and other versions, P diary R 1.13 and earlier, P link 1.11 and earlier, P link compact 1.04 and earlier, pplog 3.31 and earlier, pplog2 3.37 and earlier, PM bbs 1.07 and earlier, PM up bbs 1.08 and earlier, and PM forum 1.18 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "JVN#09115481",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN09115481/index.html"
            },
            {
              "name": "42957",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42957"
            },
            {
              "name": "JVNDB-2011-000006",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVNDB"
              ],
              "url": "http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000006.html"
            },
            {
              "name": "45838",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/45838"
            },
            {
              "name": "rocomotion-unspecified-xss(64745)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64745"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://another.rocomotion.jp/12949466953653.html"
            },
            {
              "name": "70495",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/70495"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2010-3931",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and earlier, P up board 1.38 and other versions, P diary R 1.13 and earlier, P link 1.11 and earlier, P link compact 1.04 and earlier, pplog 3.31 and earlier, pplog2 3.37 and earlier, PM bbs 1.07 and earlier, PM up bbs 1.08 and earlier, and PM forum 1.18 and earlier, allows remote attackers to inject arbitrary web script or HTML via unknown vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVN#09115481",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN09115481/index.html"
                },
                {
                  "name": "42957",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42957"
                },
                {
                  "name": "JVNDB-2011-000006",
                  "refsource": "JVNDB",
                  "url": "http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000006.html"
                },
                {
                  "name": "45838",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/45838"
                },
                {
                  "name": "rocomotion-unspecified-xss(64745)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64745"
                },
                {
                  "name": "http://another.rocomotion.jp/12949466953653.html",
                  "refsource": "CONFIRM",
                  "url": "http://another.rocomotion.jp/12949466953653.html"
                },
                {
                  "name": "70495",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/70495"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2010-3931",
        "datePublished": "2011-01-20T18:00:00.000Z",
        "dateReserved": "2010-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:26:12.154Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4383 (GCVE-0-2009-4383)

    Vulnerability from cvelistv5 – Published: 2009-12-22 23:00 – Updated: 2024-09-16 18:23
    VLAI
    Summary
    Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-0… third-party-advisoryx_refsource_JVNDB
    http://jvn.jp/en/jp/JVN00152874/index.html third-party-advisoryx_refsource_JVN
    http://another.rocomotion.jp/12604561773482.html x_refsource_CONFIRM
    http://another.rocomotion.jp/12568911093444.html x_refsource_CONFIRM
    http://secunia.com/advisories/37691 third-party-advisoryx_refsource_SECUNIA
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:01:20.495Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "JVNDB-2009-000084",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVNDB",
                  "x_transferred"
                ],
                "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000084.html"
              },
              {
                "name": "JVN#00152874",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN00152874/index.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://another.rocomotion.jp/12604561773482.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://another.rocomotion.jp/12568911093444.html"
              },
              {
                "name": "37691",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37691"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-12-22T23:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "JVNDB-2009-000084",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVNDB"
              ],
              "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000084.html"
            },
            {
              "name": "JVN#00152874",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN00152874/index.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://another.rocomotion.jp/12604561773482.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://another.rocomotion.jp/12568911093444.html"
            },
            {
              "name": "37691",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37691"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-4383",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "JVNDB-2009-000084",
                  "refsource": "JVNDB",
                  "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000084.html"
                },
                {
                  "name": "JVN#00152874",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN00152874/index.html"
                },
                {
                  "name": "http://another.rocomotion.jp/12604561773482.html",
                  "refsource": "CONFIRM",
                  "url": "http://another.rocomotion.jp/12604561773482.html"
                },
                {
                  "name": "http://another.rocomotion.jp/12568911093444.html",
                  "refsource": "CONFIRM",
                  "url": "http://another.rocomotion.jp/12568911093444.html"
                },
                {
                  "name": "37691",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37691"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-4383",
        "datePublished": "2009-12-22T23:00:00.000Z",
        "dateReserved": "2009-12-22T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:23:22.313Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    JVNDB-2011-000006

    Vulnerability from jvndb - Published: 2011-01-18 17:51 - Updated:2011-01-18 17:51
    Severity
    N/A (UNKNOWN) - -
    Summary
    Cross-site scripting vulnerability in multiple Rocomotion products
    Details
    Multiple products provided by Rocomotion contain a cross-site scripting vulnerablility. Multiple products (P board etc.) provided by Rocomotion contain a cross-site scripting vulnerablility. Saeki Tominaga of KINOTROPE INC. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000006.html",
      "dc:date": "2011-01-18T17:51+09:00",
      "dcterms:issued": "2011-01-18T17:51+09:00",
      "dcterms:modified": "2011-01-18T17:51+09:00",
      "description": "Multiple products provided by Rocomotion contain a cross-site scripting vulnerablility.\r\n\r\nMultiple products (P board etc.) provided by Rocomotion contain a cross-site scripting vulnerablility.\r\n\r\nSaeki Tominaga of KINOTROPE INC. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000006.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:ug:pm_bbs",
          "@product": "PM bbs",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:pm_forum",
          "@product": "PM forum",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:pm_up_bbs",
          "@product": "PM up bbs",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:pplog",
          "@product": "pplog",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:pplog2",
          "@product": "pplog2",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:p_board",
          "@product": "P board",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:p_board_r",
          "@product": "P board R",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:p_board_ri",
          "@product": "P board RI",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:p_diary_r",
          "@product": "P diary R",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:p_forum",
          "@product": "P forum",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:p_link",
          "@product": "P link",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:p_link_compact",
          "@product": "P link compact",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:p_up_board",
          "@product": "P up board",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:p_up_board_i",
          "@product": "P up board I",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:ug:p_up_board_random",
          "@product": "P up board random",
          "@vendor": "Rocomotion",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2011-000006",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN09115481/index.html",
          "@id": "JVN#09115481",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3931",
          "@id": "CVE-2010-3931",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3931",
          "@id": "CVE-2010-3931",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/42957",
          "@id": "SA42957",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/45838",
          "@id": "45838",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/64745",
          "@id": "64745",
          "@source": "XF"
        },
        {
          "#text": "http://osvdb.org/70495",
          "@id": "70495",
          "@source": "OSVDB"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "Cross-site scripting vulnerability in multiple Rocomotion products"
    }

    JVNDB-2009-000084

    Vulnerability from jvndb - Published: 2009-12-17 14:18 - Updated:2009-12-17 14:18
    Severity
    N/A (UNKNOWN) - -
    Summary
    P forum vulnerable to directory traversal
    Details
    P forum from Rocomotion contains a directory traversal vulnerability. P forum from Rocomotion is a bulletin board software. P forum contains a directory traversal vulnerability. Shuya Ueki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000084.html",
      "dc:date": "2009-12-17T14:18+09:00",
      "dcterms:issued": "2009-12-17T14:18+09:00",
      "dcterms:modified": "2009-12-17T14:18+09:00",
      "description": "P forum from Rocomotion contains a directory traversal vulnerability. \r\n\r\nP forum from Rocomotion is a bulletin board software. P forum contains a directory traversal vulnerability. \r\n\r\nShuya Ueki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000084.html",
      "sec:cpe": {
        "#text": "cpe:/a:ug:p_forum",
        "@product": "P forum",
        "@vendor": "Rocomotion",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "5.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2009-000084",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN00152874/index.html",
          "@id": "JVN#00152874",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4383",
          "@id": "CVE-2009-4383",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4383",
          "@id": "CVE-2009-4383",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/37691",
          "@id": "SA37691",
          "@source": "SECUNIA"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-22",
          "@title": "Path Traversal(CWE-22)"
        }
      ],
      "title": "P forum vulnerable to directory traversal"
    }