Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Garoon
(Cybozu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 192 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-05-17 | CVE-2019-5935 | Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction to change user information without access privileges via the Item function of User Information. | Garoon | 4.3 | ||
| 2019-05-17 | CVE-2019-5934 | SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allows attacker with administrator rights to execute arbitrary SQL commands via the Log Search function of application 'logging'. | Garoon | 7.2 | ||
| 2019-05-17 | CVE-2019-5933 | Cybozu Garoon 4.0.0 to 4.10.0 allows remote authenticated attackers to bypass access restriction to view the Bulletin Board without view privileges via the application 'Bulletin'. | Garoon | 4.3 | ||
| 2019-05-17 | CVE-2019-5931 | Cybozu Garoon 4.0.0 to 4.6.3 allows authenticated attackers to alter the information with privileges invoking the installer via unspecified vectors. | Garoon | 8.7 | ||
| 2019-05-17 | CVE-2019-5930 | Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access restriction to browse unauthorized pages via the application 'Management of Basic System'. | Garoon | 4.3 | ||
| 2019-05-17 | CVE-2019-5947 | Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'. | Garoon | 5.4 | ||
| 2019-05-17 | CVE-2019-5940 | Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Scheduler'. | Garoon | 6.1 | ||
| 2019-05-17 | CVE-2019-5939 | Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Portal'. | Garoon | 6.1 | ||
| 2019-05-17 | CVE-2019-5938 | Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote attackers to inject arbitrary web script or HTML via the application 'Mail'. | Garoon | 6.1 | ||
| 2019-05-17 | CVE-2019-5937 | Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the user information. | Garoon | 5.4 |