Vulnerabilities > Cybozu > Mailwise > 5.1.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-09 | CVE-2018-0702 | Path Traversal vulnerability in Cybozu Mailwise Directory traversal vulnerability in Cybozu Mailwise 5.0.0 to 5.4.5 allows remote attackers to delete arbitrary files via unspecified vectors. | 6.4 |
| 2018-06-26 | CVE-2018-0559 | Cross-site Scripting vulnerability in Cybozu Mailwise Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'Address' via unspecified vectors. | 4.3 |
| 2018-06-26 | CVE-2018-0558 | Cross-site Scripting vulnerability in Cybozu Mailwise Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML in 'System settings' via unspecified vectors. | 4.3 |
| 2018-06-26 | CVE-2018-0557 | Cross-site Scripting vulnerability in Cybozu Mailwise Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors. | 4.3 |
| 2017-04-21 | CVE-2016-4841 | Improper Input Validation vulnerability in Cybozu Mailwise Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers. | 4.3 |
| 2017-04-20 | CVE-2016-4844 | Information Exposure vulnerability in Cybozu Mailwise Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks. | 4.3 |
| 2017-04-20 | CVE-2016-4843 | Information Exposure vulnerability in Cybozu Mailwise Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information. | 4.3 |
| 2017-04-20 | CVE-2016-4842 | Information Exposure vulnerability in Cybozu Mailwise Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read. | 4.3 |