Search Results | AttackerKB

Show filters

Topics 42 Users 9,712

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

42 Total Results

Displaying 11-20 of 42

Attacker Value

Unknown

CVE-2016-4908

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-7802

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-7803

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function.

0

Attacker Value

Unknown

CVE-2017-2094

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Workflow and the "MultiReport" function to alter or delete information via unspecified vectors.

0

Attacker Value

Unknown

CVE-2017-2093

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

Cybozu Garoon 3.0.0 to 4.2.3 allow remote attackers to obtain tokens used for CSRF protection via unspecified vectors.

0

Attacker Value

Unknown

CVE-2017-2095

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in the mail function leading to an alteration of the order of mail folders via unspecified vectors.

0

Attacker Value

Unknown

CVE-2017-2092

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

0

Attacker Value

Unknown

CVE-2017-2091

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Phone Messages function to alter the status of phone messages via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-1190

Disclosure Date: June 25, 2016 (last updated November 25, 2024)

Cybozu Garoon 3.1 through 4.2 allows remote authenticated users to bypass intended restrictions on MultiReport reading via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-1188

Disclosure Date: June 25, 2016 (last updated November 25, 2024)

Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to send spoofed e-mail messages via unspecified vectors.

0