NotCVE - vendor:"Cybozu" product:"Garoon" version:" <= 3.5"

Page 2 of 88 results (0.002 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-0531

https://notcve.org/view.php?id=CVE-2018-0531

Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to view or alter an access privilege of a folder and/or notification settings via unspecified vectors. Cybozu Garoon, de la versión 3.0.0 a la 4.2.6, permite que los atacantes remotos autenticados omitan las restricciones de acceso para ver o alterar un privilegio de acceso de una carpeta y/u opciones de configuración mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN65268217/index.html https://support.cybozu.com/ja-jp/article/9349 •

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-0532

https://notcve.org/view.php?id=CVE-2018-0532

Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors. Cybozu Garoon, de la versión 3.0.0 a la 4.2.6, permite que los atacantes remotos autenticados omitan las restricciones de acceso para alterar datos de configuración de la base de datos Standard mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN65268217/index.html https://support.cybozu.com/ja-jp/article/9378 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-0530

https://notcve.org/view.php?id=CVE-2018-0530

SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en Cybozu Garoon, de la versión 3.5.0 a la 4.2.6, permite que los atacantes remotos ejecuten comandos SQL arbitrarios mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN65268217/index.html https://support.cybozu.com/ja-jp/article/9326 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-0551

https://notcve.org/view.php?id=CVE-2018-0551

Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) en Cybozu Garoon, de la versión 3.0.0 a la 4.6.1, permite que atacantes remotos autenticados inyecte scripts web o HTML arbitrarios mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN65268217/index.html https://support.cybozu.com/ja-jp/article/10211 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-0549

https://notcve.org/view.php?id=CVE-2018-0549

Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) en Cybozu Garoon, de la versión 3.0.0 a la 4.6.0, permite que atacantes remotos autenticados inyecte scripts web o HTML arbitrarios mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN65268217/index.html https://support.cybozu.com/ja-jp/article/10058 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2 3 4 5