Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cybozu garoon 4.0.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-20771
Cross-site scripting vulnerability in some functions of E-Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote malicious user to inject an arbitrary script via unspecified vectors.
Cybozu Garoon
6.5
CVSSv2
CVE-2019-5934
SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allows attacker with administrator rights to execute arbitrary SQL commands via the Log Search function of application 'logging'.
Cybozu Garoon
4
CVSSv2
CVE-2021-20760
Improper input validation vulnerability in User Profile of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated malicious user to alter the data of User Profile without the appropriate privilege.
Cybozu Garoon
4
CVSSv2
CVE-2021-20773
There is a vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.0, which may allow a remote authenticated malicious user to delete the route information Workflow without the appropriate privilege.
Cybozu Garoon
3.5
CVSSv2
CVE-2021-20774
Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated malicious user to inject an arbitrary script via unspecified vectors.
Cybozu Garoon
5.5
CVSSv2
CVE-2022-26368
Browse restriction bypass and operation restriction bypass vulnerability in Cabinet of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated malicious user to alter and/or obtain the data of Cabinet.
Cybozu Garoon
4
CVSSv2
CVE-2022-29512
Exposure of sensitive information to an unauthorized actor issue in multiple applications of Cybozu Garoon 4.0.0 to 5.9.1 allows a remote authenticated malicious user to obtain the data without the viewing privilege.
Cybozu Garoon
4
CVSSv2
CVE-2022-29892
Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated malicious user to repeatedly display errors in certain functions and cause a denial-of-service (DoS).
Cybozu Garoon
4
CVSSv2
CVE-2021-20768
Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated malicious user to delete the data of Scheduler and MultiReport without the appropriate privilege.
Cybozu Garoon
3.5
CVSSv2
CVE-2021-20761
Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker with an administrative privilege to alter the data of E-mail without the appropriate privilege.
Cybozu Garoon
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »