Shodan
Vulnerabilities
Vulnerable Software
Cybozu:  >> Garoon  >> 4.2.2  Security Vulnerabilities
CVE-2020-5564
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the application 'E-mail'.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-04-28
CVE-2020-5565
Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows a remote authenticated attacker to alter the application's data via the applications 'Workflow' and 'MultiReport'.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-04-28
CVE-2020-5566
Improper authorization vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to alter the application's data via the applications 'E-mail' and 'Messages'.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-04-28
CVE-2020-5567
Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-04-28
CVE-2019-5991
SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.6
EPSS Score
0.005
Published
2019-09-12
CVE-2019-5976
Cybozu Garoon 4.0.0 to 4.10.2 allows an attacker with administrative rights to cause a denial of service condition via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.003
Published
2019-09-12
CVE-2019-5977
Mail header injection vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 may allow a remote authenticated attackers to alter mail header via the application 'E-Mail'.
CVSS Score
4.3
EPSS Score
0.002
Published
2019-09-12
CVE-2019-5978
Open redirect vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the application 'Scheduler'.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-09-12
CVE-2019-5944
Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction alter the contents of application 'Address' without modify privileges via the application 'Address'.
CVSS Score
4.3
EPSS Score
0.002
Published
2019-05-17
CVE-2019-5933
Cybozu Garoon 4.0.0 to 4.10.0 allows remote authenticated attackers to bypass access restriction to view the Bulletin Board without view privileges via the application 'Bulletin'.
CVSS Score
4.3
EPSS Score
0.002
Published
2019-05-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved