CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2020-5572
https://notcve.org/view.php?id=CVE-2020-5572
Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors. Android App "Mailwise for Android" versiones 1.0.0 hasta 2.5, permite a un atacante obtener información de credenciales registrada en el producto por medio de vectores no especificados. • https://jvn.jp/en/jp/JVN78745667/index.html https://kb.cybozu.support/article/36411 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0702
https://notcve.org/view.php?id=CVE-2018-0702
Directory traversal vulnerability in Cybozu Mailwise 5.0.0 to 5.4.5 allows remote attackers to delete arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en Cybozu Mailwise, desde la versión 5.0.0 hasta la 5.4.5, que permite que un atacante remoto elimine archivos arbitrarios mediante vectores sin especificar. • https://jvn.jp/en/jp/JVN83739174/index.html https://kb.cybozu.support/article/34135 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0559
https://notcve.org/view.php?id=CVE-2018-0559
Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'Address' via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) en Cybozu Mailwise, de la versión 5.0.0 a la 5.4.1, permite que atacantes remotos autenticados inyecte scripts web o HTML arbitrarios en "Address" mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN52319657/index.html https://support.cybozu.com/ja-jp/article/10196 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0558
https://notcve.org/view.php?id=CVE-2018-0558
Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML in 'System settings' via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) reflejado en Cybozu Mailwise, de la versión 5.0.0 a la 5.4.1, permite que atacantes remotos autenticados inyecte scripts web o HTML arbitrarios en "System settings" mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN52319657/index.html https://support.cybozu.com/ja-jp/article/10193 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0557
https://notcve.org/view.php?id=CVE-2018-0557
Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors. Vulnerabilidad Cross-Site Scripting (XSS) persistente en Cybozu Mailwise, de la versión 5.0.0 a la 5.4.1, permite que atacantes remotos autenticados inyecte scripts web o HTML "E-mail Details Screen" arbitrarios mediante vectores sin especificar. • http://jvn.jp/en/jp/JVN52319657/index.html https://support.cybozu.com/ja-jp/article/10194 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •