Vulnerabilities > Cybozu

DATE CVE VULNERABILITY TITLE RISK
2019-12-26 CVE-2019-6023 Unspecified vulnerability in Cybozu Office
Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining data without access privileges via the application 'Address'.
network
low complexity
cybozu
4.3
2019-12-26 CVE-2019-6022 Path Traversal vulnerability in Cybozu Office
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function.
network
low complexity
cybozu CWE-22
6.5
2019-09-12 CVE-2019-5991 SQL Injection vulnerability in Cybozu Garoon
SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
cybozu CWE-89
7.6
2019-09-12 CVE-2019-5978 Open Redirect vulnerability in Cybozu Garoon
Open redirect vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the application 'Scheduler'.
network
low complexity
cybozu CWE-601
6.1
2019-09-12 CVE-2019-5977 Injection vulnerability in Cybozu Garoon
Mail header injection vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 may allow a remote authenticated attackers to alter mail header via the application 'E-Mail'.
network
low complexity
cybozu CWE-74
4.3
2019-09-12 CVE-2019-5976 Improper Input Validation vulnerability in Cybozu Garoon
Cybozu Garoon 4.0.0 to 4.10.2 allows an attacker with administrative rights to cause a denial of service condition via unspecified vectors.
network
low complexity
cybozu CWE-20
4.9
2019-09-12 CVE-2019-5975 Cross-site Scripting vulnerability in Cybozu Garoon
DOM-based cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
cybozu CWE-79
5.4
2019-05-17 CVE-2019-5947 Cross-site Scripting vulnerability in Cybozu Garoon
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'.
network
low complexity
cybozu CWE-79
5.4
2019-05-17 CVE-2019-5946 Open Redirect vulnerability in Cybozu Garoon
Open redirect vulnerability in Cybozu Garoon 4.2.4 to 4.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the Login Screen.
network
low complexity
cybozu CWE-601
6.1
2019-05-17 CVE-2019-5945 Unspecified vulnerability in Cybozu Garoon
Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information via the authentication of Cybozu Garoon.
network
low complexity
cybozu
critical
9.8