Shodan
Vulnerabilities
Vulnerable Software
Cybozu:  >> Garoon  Security Vulnerabilities
CVE-2019-5991
SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.6
EPSS Score
0.005
Published
2019-09-12
CVE-2019-5975
DOM-based cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.2 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-09-12
CVE-2019-5976
Cybozu Garoon 4.0.0 to 4.10.2 allows an attacker with administrative rights to cause a denial of service condition via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.003
Published
2019-09-12
CVE-2019-5977
Mail header injection vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 may allow a remote authenticated attackers to alter mail header via the application 'E-Mail'.
CVSS Score
4.3
EPSS Score
0.002
Published
2019-09-12
CVE-2019-5978
Open redirect vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the application 'Scheduler'.
CVSS Score
6.1
EPSS Score
0.003
Published
2019-09-12
CVE-2019-5944
Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to bypass access restriction alter the contents of application 'Address' without modify privileges via the application 'Address'.
CVSS Score
4.3
EPSS Score
0.002
Published
2019-05-17
CVE-2019-5945
Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the users' credential information via the authentication of Cybozu Garoon.
CVSS Score
9.8
EPSS Score
0.008
Published
2019-05-17
CVE-2019-5946
Open redirect vulnerability in Cybozu Garoon 4.2.4 to 4.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the Login Screen.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-05-17
CVE-2019-5947
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'.
CVSS Score
5.4
EPSS Score
0.002
Published
2019-05-17
CVE-2019-5933
Cybozu Garoon 4.0.0 to 4.10.0 allows remote authenticated attackers to bypass access restriction to view the Bulletin Board without view privileges via the application 'Bulletin'.
CVSS Score
4.3
EPSS Score
0.002
Published
2019-05-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved