Shodan
Vulnerabilities
Vulnerable Software
Cybozu:  >> Office  >> 10.0.2  Security Vulnerabilities
CVE-2021-20627
Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-03-18
CVE-2021-20628
Cross-site scripting vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors. Note that this vulnerability occurs only when using Mozilla Firefox.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-03-18
CVE-2021-20629
Cross-site scripting vulnerability in E-mail of Cybozu Office 10.0.0 to 10.8.4 allows remote attackers to inject an arbitrary script via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-03-18
CVE-2021-20630
Improper access control vulnerability in Phone Messages of Cybozu Office 10.0.0 to 10.8.4 allows authenticated attackers to bypass access restriction and obtain the data of Phone Messages via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.002
Published
2021-03-18
CVE-2019-6023
Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to bypass access restriction which may result in obtaining data without access privileges via the application 'Address'.
CVSS Score
4.3
EPSS Score
0.001
Published
2019-12-26
CVE-2019-6022
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers to alter arbitrary files via the 'Customapp' function.
CVSS Score
6.5
EPSS Score
0.009
Published
2019-12-26
CVE-2018-0703
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via HTTP requests.
CVSS Score
7.5
EPSS Score
0.009
Published
2019-01-09
CVE-2018-0704
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen.
CVSS Score
7.5
EPSS Score
0.009
Published
2019-01-09
CVE-2018-0526
Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an image located in an external server via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.003
Published
2018-06-26
CVE-2018-0527
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-06-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved