Shodan
Vulnerabilities
Vulnerable Software
Cybozu:  >> Office  >> 10.0.0  Security Vulnerabilities
CVE-2016-1149
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, and CVE-2016-1150.
CVSS Score
6.1
EPSS Score
0.005
Published
2016-02-17
CVE-2015-8489
customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service (excessive database locking) via a crafted CSV file, a different vulnerability than CVE-2016-1153.
CVSS Score
6.5
EPSS Score
0.006
Published
2016-02-17
CVE-2015-8487
Cybozu Office 9.0.0 through 10.3 allows remote attackers to discover CSRF tokens via unspecified vectors, a different vulnerability than CVE-2015-8488.
CVSS Score
4.3
EPSS Score
0.003
Published
2016-02-17
CVE-2015-8486
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152.
CVSS Score
5.4
EPSS Score
0.002
Published
2016-02-17
CVE-2015-8485
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary posting titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8486, and CVE-2016-1152.
CVSS Score
5.4
EPSS Score
0.002
Published
2016-02-17
CVE-2015-8484
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152.
CVSS Score
5.4
EPSS Score
0.002
Published
2016-02-17
CVE-2015-8483
Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
CVSS Score
7.4
EPSS Score
0.003
Published
2016-02-17
CVE-2015-7798
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2016-1149, and CVE-2016-1150.
CVSS Score
6.1
EPSS Score
0.005
Published
2016-02-17
CVE-2015-7797
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.
CVSS Score
6.1
EPSS Score
0.005
Published
2016-02-17
CVE-2015-7796
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.
CVSS Score
6.1
EPSS Score
0.005
Published
2016-02-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved