CVEDB API

Vulnerabilities

Vulnerable Software

Cybozu: >> Mailwise Security Vulnerabilities

CVE-2020-5572

Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors.

CVSS Score

4.6

EPSS Score

0.001

Published

2020-05-29

CVE-2018-0702

Directory traversal vulnerability in Cybozu Mailwise 5.0.0 to 5.4.5 allows remote attackers to delete arbitrary files via unspecified vectors.

CVSS Score

7.5

EPSS Score

0.009

Published

2019-01-09

CVE-2018-0557

Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors.

CVSS Score

6.1

EPSS Score

0.002

Published

2018-06-26

CVE-2018-0558

Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML in 'System settings' via unspecified vectors.

CVSS Score

6.1

EPSS Score

0.002

Published

2018-06-26

CVE-2018-0559

Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'Address' via unspecified vectors.

CVSS Score

6.1

EPSS Score

0.002

Published

2018-06-26

CVE-2016-4841

Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers.

CVSS Score

4.3

EPSS Score

0.007

Published

2017-04-21

CVE-2016-4842

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain information on when an email is read.

CVSS Score

4.3

EPSS Score

0.004

Published

2017-04-20

CVE-2016-4843

Cybozu Mailwise before 5.4.0 allows remote attackers to obtain sensitive cookie information.

CVSS Score

6.5

EPSS Score

0.009

Published

2017-04-20

CVE-2016-4844

Cybozu Mailwise before 5.4.0 allows remote attackers to conduct clickjacking attacks.

CVSS Score

4.3

EPSS Score

0.007

Published

2017-04-20

CVE-2014-5314

Buffer overflow in Cybozu Office 9 and 10 before 10.1.0, Mailwise 4 and 5 before 5.1.4, and Dezie 8 before 8.1.1 allows remote authenticated users to execute arbitrary code via e-mail messages.

CVSS Score

9.0

EPSS Score

0.061

Published

2014-11-24

Page 1

Vulnerabilities

Vulnerable Software

Cybozu: >> Mailwise Security Vulnerabilities

Products

Pricing

Contact Us