Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cybozu garoon 4.0.0 vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-5936
Directory traversal vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated malicious users to obtain files without access privileges via the application 'Work Flow'.
Cybozu Garoon
6.1
CVSSv3
CVE-2019-5938
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote malicious users to inject arbitrary web script or HTML via the application 'Mail'.
Cybozu Garoon
6.1
CVSSv3
CVE-2019-5939
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote malicious users to inject arbitrary web script or HTML via the application 'Portal'.
Cybozu Garoon
6.1
CVSSv3
CVE-2019-5940
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote malicious users to inject arbitrary web script or HTML via the application 'Scheduler'.
Cybozu Garoon
4.3
CVSSv3
CVE-2019-5941
Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated malicious users to bypass access restriction alter the Report without access privileges via the application 'Multi Report'.
Cybozu Garoon
5.3
CVSSv3
CVE-2021-20764
Improper input validation vulnerability in Attaching Files of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote malicious user to alter the data of Attaching Files.
Cybozu Garoon
6.1
CVSSv3
CVE-2021-20765
Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote malicious user to inject an arbitrary script via unspecified vectors.
Cybozu Garoon
6.1
CVSSv3
CVE-2021-20766
Cross-site scripting vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote malicious user to inject an arbitrary script via unspecified vectors.
Cybozu Garoon
5.4
CVSSv3
CVE-2021-20753
Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated malicious user to inject an arbitrary script via unspecified vectors.
Cybozu Garoon
4.3
CVSSv3
CVE-2019-5933
Cybozu Garoon 4.0.0 to 4.10.0 allows remote authenticated malicious users to bypass access restriction to view the Bulletin Board without view privileges via the application 'Bulletin'.
Cybozu Garoon
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »