Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cybozu garoon 3.7 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2013-6929
SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and previous versions allows remote authenticated users to execute arbitrary SQL commands via crafted API input.
Cybozu Garoon
Cybozu Garoon 3.7
5.8
CVSSv2
CVE-2013-6006
Cybozu Garoon 3.5 up to and including 3.7 SP2 allows remote malicious users to bypass Keitai authentication via a modified user ID in a request.
Cybozu Garoon 3.5
Cybozu Garoon 3.5.3
Cybozu Garoon 3.7
3.5
CVSSv2
CVE-2013-6915
Cross-site scripting (XSS) vulnerability in the system-administration component in Cybozu Garoon prior to 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Cybozu Garoon 3.5
Cybozu Garoon 3.1
Cybozu Garoon 2.1
Cybozu Garoon 2.0
Cybozu Garoon 2.5
Cybozu Garoon 3.7
Cybozu Garoon 3.0
Cybozu Garoon
4.3
CVSSv2
CVE-2013-6916
Cross-site scripting (XSS) vulnerability in the Yahoo! User Interface Library in Cybozu Garoon prior to 3.7.2, when Internet Explorer 9 or 10 or Chrome is used, allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Cybozu Garoon
Cybozu Garoon 3.5
Cybozu Garoon 3.1
Cybozu Garoon 2.0
Cybozu Garoon 2.1
Cybozu Garoon 3.0
Cybozu Garoon 2.5
Cybozu Garoon 3.7
6.8
CVSSv2
CVE-2013-6004
Session fixation vulnerability in Cybozu Garoon prior to 3.7.2 allows remote malicious users to hijack web sessions via unspecified vectors.
Cybozu Garoon 3.5
Cybozu Garoon 3.0
Cybozu Garoon
Cybozu Garoon 3.7
Cybozu Garoon 2.0
Cybozu Garoon 3.1
Cybozu Garoon 2.1
Cybozu Garoon 2.5
3.5
CVSSv2
CVE-2013-6913
Cross-site scripting (XSS) vulnerability in a search component in Cybozu Garoon prior to 3.7.2, when Internet Explorer is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Cybozu Garoon 3.7
Cybozu Garoon 3.5
Cybozu Garoon 3.1
Cybozu Garoon 2.0
Cybozu Garoon 2.5
Cybozu Garoon 3.0
Cybozu Garoon 2.1
Cybozu Garoon
3.5
CVSSv2
CVE-2013-6911
Cross-site scripting (XSS) vulnerability in the bulletin-board component in Cybozu Garoon prior to 3.7.2, when Internet Explorer or Firefox is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Cybozu Garoon 3.5
Cybozu Garoon 3.0
Cybozu Garoon 2.0
Cybozu Garoon 2.1
Cybozu Garoon 2.5
Cybozu Garoon
Cybozu Garoon 3.7
Cybozu Garoon 3.1
3.5
CVSSv2
CVE-2013-6912
Cross-site scripting (XSS) vulnerability in a calendar component in Cybozu Garoon prior to 3.7.2, when Internet Explorer 6 through 9 is used, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Cybozu Garoon 3.5
Cybozu Garoon 3.0
Cybozu Garoon 2.1
Cybozu Garoon 2.5
Cybozu Garoon 3.7
Cybozu Garoon 3.1
Cybozu Garoon 2.0
Cybozu Garoon
3.5
CVSSv2
CVE-2013-6914
Cross-site scripting (XSS) vulnerability in a calendar component in Cybozu Garoon prior to 3.7.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Cybozu Garoon 3.5
Cybozu Garoon 3.1
Cybozu Garoon 2.1
Cybozu Garoon 2.5
Cybozu Garoon 3.0
Cybozu Garoon 2.0
Cybozu Garoon
Cybozu Garoon 3.7
7.5
CVSSv2
CVE-2014-1996
Cybozu Garoon 3.7 before SP4 allows remote authenticated users to bypass intended access restrictions, and execute arbitrary code or cause a denial of service, via an API call.
Cybozu Garoon 3.7
Cybozu Garoon 3.7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »