CVSS: 5.4EPSS: 0%CPEs: 35EXPL: 0CVE-2013-6912
https://notcve.org/view.php?id=CVE-2013-6912
05 Dec 2013 — Cross-site scripting (XSS) vulnerability in a calendar component in Cybozu Garoon before 3.7.2, when Internet Explorer 6 through 9 is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de cross-site scripting (XSS) en un componente de calendario en Cybozu Garoon anteriores a 3.7.2, cuando Internet Explorer 6 a 9 son utilizados, permite a usuarios autenticados remotamente inyectar scripts web o HTML arbitrarios a través de vectores no especi... • http://cs.cybozu.co.jp/information/20131202up01.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 30EXPL: 0CVE-2013-6002
https://notcve.org/view.php?id=CVE-2013-6002
05 Dec 2013 — The server in Cybozu Garoon before 3.7 SP1 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. El servidor en Cybozu Garoon anteriores a 3.7 SP1 permite a atacantes remotos causar denegación de servicio (consumo de CPU) a través de vectores no especificados. • http://cs.cybozu.co.jp/information/20131202up01.php • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 29EXPL: 0CVE-2013-6910
https://notcve.org/view.php?id=CVE-2013-6910
05 Dec 2013 — Cross-site scripting (XSS) vulnerability in Ajax components in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de cross-site scripting (XSS) en componentes Ajax en Cybozu Garoon anteriores a 3.7.0 permite a atacantes remotos inyectar scripts web o HTML arbitrarios a través de vectores no especificados. • http://cs.cybozu.co.jp/information/20131202up01.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 32EXPL: 0CVE-2013-6913
https://notcve.org/view.php?id=CVE-2013-6913
05 Dec 2013 — Cross-site scripting (XSS) vulnerability in a search component in Cybozu Garoon before 3.7.2, when Internet Explorer is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de cross-site scripting (XSS) en un componente de búsqueda de Cybozu Garoon anteriores a 3.7.2, cuando Internet Explorer es utilizado, permite a ususario autenticados remotamente inyectar scripts web o HTML arbitrarios a través de vectores no especificados. • http://cs.cybozu.co.jp/information/20131202up01.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 60EXPL: 0CVE-2013-6904
https://notcve.org/view.php?id=CVE-2013-6904
05 Dec 2013 — Cross-site scripting (XSS) vulnerability in a note component in Cybozu Garoon before 3.7.0, when Internet Explorer or Firefox is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de cross-site scripting (XSS) en un componente de notas en Cybozu Garoon anteriores a 3.7.0, cuando Internet Explorer o Firefox son utilizados, permite a atacantes remotos inyectar scripts web o HTML arbitrarios a través de vectores no especificados. • http://cs.cybozu.co.jp/information/20131202up01.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 29EXPL: 0CVE-2013-6907
https://notcve.org/view.php?id=CVE-2013-6907
05 Dec 2013 — Cross-site scripting (XSS) vulnerability in a mail component in Cybozu Garoon 2.x and 3.x before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en el componente mail de Cybozu Garoon 2.x y 3.x anterior a la versión 3.7.0 permite a atacantes remotos inyectar script web o HTML arbitrario a través de vectores sin especificar. • http://cs.cybozu.co.jp/information/20131202up01.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 13EXPL: 0CVE-2013-0702
https://notcve.org/view.php?id=CVE-2013-0702
14 Feb 2013 — Cross-site scripting (XSS) vulnerability in Cybozu Garoon 2.0.0 through 3.5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad ante la ejecución de secuencias de comandos en sitios cruzados de Cybozu Garoon v2.0.0 hasta v3.5.3 permite a atacantes remotos inyectar web script o html arbitrarios por vectores sin especificar. • http://cs.cybozu.co.jp/information/20130125up01.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-0701
https://notcve.org/view.php?id=CVE-2013-0701
14 Feb 2013 — SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging privilege. Vulnerabilidad que permite la inyección de código SQL en Cybozu Garoon v2.5 hasta 3.5.3 que permite a usuarios autenticados ejecutar código arbitrario SQL para elevar privilegios. • http://cs.cybozu.co.jp/information/20130125up02.php • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •