Filtered by vendor Neojapan
Subscriptions
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-52583 | 1 Neojapan | 1 Desknet Web | 2025-10-21 | N/A |
| Reflected cross-site scripting (XSS) vulnerability in desknet's Web Server allows execution of arbitrary JavaScript in a user’s web browser. | ||||
| CVE-2025-54760 | 1 Neojapan | 1 Desknet Neo | 2025-10-21 | N/A |
| Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser. | ||||
| CVE-2025-54859 | 1 Neojapan | 1 Desknet Neo | 2025-10-21 | N/A |
| Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser. | ||||
| CVE-2025-53858 | 1 Neojapan | 1 Chatluck | 2025-10-21 | N/A |
| ChatLuck contains a cross-site scripting vulnerability in Chat Rooms. If exploited, an arbitrary script may be executed on the web browser of the user who is accessing the product. | ||||
| CVE-2025-58079 | 1 Neojapan | 1 Desknet Neo | 2025-10-21 | N/A |
| Improper Protection of Alternate Path (CWE-424) in the AppSuite of desknet's NEO V4.0R1.0 to V9.0R2.0 allows an attacker to create malicious AppSuite applications. | ||||
| CVE-2025-58426 | 1 Neojapan | 1 Desknet Neo | 2025-10-21 | N/A |
| desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications. | ||||
| CVE-2025-24833 | 1 Neojapan | 1 Desknet Neo | 2025-10-21 | N/A |
| Stored cross-site scripting (XSS) vulnerability in desknet's NEO versions V4.0R1.0–V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser. | ||||
| CVE-2025-58115 | 1 Neojapan | 1 Chatluck | 2025-10-21 | N/A |
| ChatLuck contains a cross-site scripting vulnerability in Guest User Sign-up. If exploited, an arbitrary script may be executed on the web browser of the user who is accessing the product. | ||||
| CVE-2025-55072 | 1 Neojapan | 1 Desknet Neo | 2025-10-21 | N/A |
| Stored cross-site scripting (XSS) vulnerability in desknet's NEO V2.0R1.0 to V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser. | ||||
| CVE-2025-54461 | 1 Neojapan | 1 Chatluck | 2025-10-21 | N/A |
| ChatLuck contains an insufficient granularity of access control vulnerability in Invitation of Guest Users. If exploited, an uninvited guest user may register itself as a guest user. | ||||
| CVE-2015-2990 | 1 Neojapan | 1 Desknet Neo | 2025-04-12 | N/A |
| Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO 2.0R1.0 through 2.5R1.4 allows remote authenticated users to read arbitrary files via a crafted parameter. | ||||
Page 1 of 1.