Mailwise - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Mailwise
(Cybozu)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	14

Date	Id	Summary	Products	Score	Patch	Annotated
2018-06-26	CVE-2018-0557	Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors.	Mailwise	6.1
2017-04-20	CVE-2016-4844	Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks.	Mailwise	4.3
2017-04-20	CVE-2016-4843	Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information.	Mailwise	6.5
2017-04-20	CVE-2016-4842	Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read.	Mailwise	4.3
2017-04-21	CVE-2016-4841	Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers.	Mailwise	4.3
2014-11-24	CVE-2014-5314	Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages.	Dezie, Mailwise, Office	N/A
2013-08-15	CVE-2013-4698	Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail content intended for different persons in opportunistic circumstances by reading Subject header lines within the user's own mailbox.	Mailwise	N/A
2013-04-25	CVE-2013-2305	Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords.	Cybozu_dezie, Cybozu_office, Mailwise	N/A
2011-06-29	CVE-2011-1334	Cross-site scripting (XSS) vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu Collaborex before 1.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "downloading graphic files from the mail system."	Collaborex, Dezie, Garoon, Mailwise, Office	N/A
2006-08-31	CVE-2006-4491	Directory traversal vulnerability in Cybozu Collaborex, AG before 1.2(1.5), AG Pocket before 5.2(0.8), Mailwise before 3.0(0.3), and Garoon 1 before 1.5(4.1) allows remote authenticated users to read arbitrary files via unspecified vectors.	Collaborex, Cybozu_ag, Cybozu_pocket, Garoon_1, Mailwise	N/A