Vulnerabilities > Cybozu

DATE CVE VULNERABILITY TITLE RISK
2020-11-06 CVE-2020-5643 Improper Input Validation vulnerability in Cybozu Garoon 5.0.0/5.0.1/5.0.2
Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2 allows a remote authenticated attacker to delete some data of the bulletin board via unspecified vector.
network
low complexity
cybozu CWE-20
5.5
2020-06-30 CVE-2020-5588 Path Traversal vulnerability in Cybozu Garoon 5.0.0/5.0.1
Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors.
network
low complexity
cybozu CWE-22
4.0
2020-06-30 CVE-2020-5587 Information Exposure vulnerability in Cybozu Garoon
Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information via unspecified vectors.
network
low complexity
cybozu CWE-200
4.0
2020-06-30 CVE-2020-5586 Cross-Site Scripting vulnerability in Cybozu Garoon 4.10.3/5.0.0/5.0.1
Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.
network
cybozu CWE-79
3.5
2020-06-30 CVE-2020-5585 Cross-Site Scripting vulnerability in Cybozu Garoon 5.0.0/5.0.1
Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.
network
cybozu CWE-79
3.5
2020-06-30 CVE-2020-5584 Information Exposure vulnerability in Cybozu Garoon
Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors.
network
low complexity
cybozu CWE-200
5.0
2020-06-30 CVE-2020-5583 Information Exposure vulnerability in Cybozu Garoon
Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report's data via unspecified vectors.
network
low complexity
cybozu CWE-200
4.0
2020-06-30 CVE-2020-5582 Incorrect Authorization vulnerability in Cybozu Garoon
Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors.
network
low complexity
cybozu CWE-863
4.0
2020-06-30 CVE-2020-5581 Path Traversal vulnerability in Cybozu Garoon
Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors.
network
low complexity
cybozu CWE-22
4.0
2020-06-30 CVE-2020-5580 Improper Privilege Management vulnerability in Cybozu Garoon
Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors.
network
low complexity
cybozu CWE-269
5.5