Published:2006/05/22 Last Updated:2015/10/21

JVN#55425662
MyWeb SQL injection vulnerability

Overview

Groupware MyWeb contains a SQL injection vulnerability.

Products Affected

MyWeb Portal Office cellular phone functionality
MyWeb Standard Edition
MyWeb Public Edition
MyWeb Medical Edition
MyWeb Citizen Edition
MyWeb School Edition
MyWeb Light Edition

Description

Impact

A remote attacker could view or modify the database contents.

Solution

Vendor Status

Vendor	Status	Last Update	Vendor Notes
FUJITSU LIMITED	Vulnerable	2015/10/13

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE	CVE-2006-2517
JVN iPedia	JVNDB-2006-000619

Update History

2015/10/21: FUJITSU LIMITED update status