Vulnerabilities > Cybozu

DATE	CVE	VULNERABILITY TITLE	RISK
2018-04-16	CVE-2018-0532	Cross-site Scripting vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors. network low complexity cybozu CWE-79	4.0
2018-04-16	CVE-2018-0531	Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to view or alter an access privilege of a folder and/or notification settings via unspecified vectors. network low complexity cybozu	4.0
2018-04-16	CVE-2018-0530	SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. network low complexity cybozu CWE-89	6.5
2017-10-12	CVE-2017-10857	Improper Privilege Management vulnerability in Cybozu Office Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function. network low complexity cybozu CWE-269	4.0
2017-08-29	CVE-2017-2258	Path Traversal vulnerability in Cybozu Garoon 4.2.4/4.2.5 Directory traversal vulnerability in Cybozu Garoon 4.2.4 to 4.2.5 allows an attacker to read arbitrary files via Garoon SOAP API "WorkflowHandleApplications". network low complexity cybozu CWE-22	4.0
2017-08-29	CVE-2017-2257	Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via mail function. network cybozu CWE-79	4.3
2017-08-29	CVE-2017-2256	Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Memo". network cybozu CWE-79	3.5
2017-08-29	CVE-2017-2255	Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.7.0 to 4.2.5 allows an attacker to inject arbitrary web script or HTML via "Rich text" function of the application "Space". network cybozu CWE-79	3.5
2017-08-29	CVE-2017-2254	Improper Input Validation vulnerability in Cybozu Garoon Cybozu Garoon 3.5.0 to 4.2.5 allows an attacker to cause a denial of service in the application menu's edit function via specially crafted input network low complexity cybozu CWE-20	4.0
2017-07-07	CVE-2017-2172	Cross-site Scripting vulnerability in Cybozu Kunai Cross-site scripting vulnerability in Cybozu KUNAI for Android 3.0.0 to 3.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network cybozu CWE-79	4.3

Vulnerabilities > Cybozu {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cybozu"}]}

Vulnerabilities > Cybozu