Search Results | AttackerKB

Show filters

Topics 30 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

30 Total Results

Displaying 1-10 of 30

Attacker Value

Unknown

CVE-2017-10857

Disclosure Date: October 12, 2017 (last updated November 26, 2024)

Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function.

0

Attacker Value

Unknown

CVE-2017-2114

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

0

Attacker Value

Unknown

CVE-2017-2116

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to delete "customapp" templates via unspecified vectors.

0

Attacker Value

Unknown

CVE-2017-2115

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-4872

Disclosure Date: April 17, 2017 (last updated November 26, 2024)

Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restrictions to view the names of unauthorized projects via a breadcrumb trail.

0

Attacker Value

Unknown

CVE-2016-4867

Disclosure Date: April 17, 2017 (last updated November 26, 2024)

Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restriction to view unauthorized project information via the Project function.

0

Attacker Value

Unknown

CVE-2016-4869

Disclosure Date: April 17, 2017 (last updated November 26, 2024)

Cybozu Office 9.0.0 to 10.4.0 allow remote attackers to obtain session information via a page where CGI environment variables are displayed.

0

Attacker Value

Unknown

CVE-2016-4865

Disclosure Date: April 17, 2017 (last updated November 26, 2024)

Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Customapp function.

0

Attacker Value

Unknown

CVE-2016-4871

Disclosure Date: April 17, 2017 (last updated November 26, 2024)

Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to cause a denial of service.

0

Attacker Value

Unknown

CVE-2016-4866

Disclosure Date: April 17, 2017 (last updated November 26, 2024)

Cross-site scripting vulnerability in Cybozu Office 9.0.0 to 10.4.0 allows attackers with administrator rights to inject arbitrary web script or HTML via the Project function.

0