Nagasaki Electronic Prefectural Office System SQL injection vulnerability


Nagasaki Prefectural Government has developed an open source electronic prefectural office system. The system contains SQL injection vulnerabilities.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 7.5 (High) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
Affected Products

Nagasaki Prefectural Government
  • Nagasaki Electron Prefecture of Web Red Book System
  • Nagasaki Electron Prefecture of Annual Vacation System
  • Nagasaki Electron Prefecture of muniment System


A remote attacker may view or modify the database contents.

Vendor Information

Nagasaki Prefectural Government
CWE (What is CWE?)

CVE (What is CVE?)


  1. JVN : JVN#41550845
Revision History

  • [2008/05/21]
      Web page published