Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Garoon
(Cybozu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 190 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-05-17 | CVE-2019-5928 | Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to inject arbitrary web script or HTML via Customize Item function. | Garoon | 6.1 | ||
| 2018-11-15 | CVE-2018-0673 | Directory traversal vulnerability in Cybozu Garoon 3.5.0 to 4.6.3 allows authenticated attackers to read arbitrary files via unspecified vectors. | Garoon | 8.1 | ||
| 2018-07-26 | CVE-2018-0607 | SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | Garoon | 8.8 | ||
| 2018-04-16 | CVE-2018-0551 | Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | Garoon | 5.4 | ||
| 2018-04-16 | CVE-2018-0550 | Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to bypass access restriction to view the closed title of "Cabinet" via unspecified vectors. | Garoon | 4.3 | ||
| 2018-04-16 | CVE-2018-0549 | Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | Garoon | 5.4 | ||
| 2018-04-16 | CVE-2018-0548 | Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to bypass access restriction to view the closed title of "Space" via unspecified vectors. | Garoon | 4.3 | ||
| 2018-04-16 | CVE-2018-0533 | Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of session authentication via unspecified vectors. | Garoon | 4.9 | ||
| 2018-04-16 | CVE-2018-0532 | Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors. | Garoon | 2.7 | ||
| 2018-04-16 | CVE-2018-0531 | Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to view or alter an access privilege of a folder and/or notification settings via unspecified vectors. | Garoon | 4.3 |