Search Results | AttackerKB

Show filters

Topics 27 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

27 Total Results

Displaying 1-10 of 27

Attacker Value

Unknown

CVE-2017-2145

Disclosure Date: July 07, 2017 (last updated November 26, 2024)

Session fixation vulnerability in Cybozu Garoon 4.0.0 to 4.2.4 allows remote attackers to perform arbitrary operations via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-7801

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-4909

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-4907

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-4906

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to inject arbitrary web script or HTML via "Messages" function of Cybozu Garoon Keitai.

0

Attacker Value

Unknown

CVE-2016-4910

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to delete other operational administrators' MultiReport filters via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-4908

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction to alter or delete another user's private RSS settings via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-7802

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

Directory traversal vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to read arbitrary files via unspecified vectors.

0

Attacker Value

Unknown

CVE-2016-7803

Disclosure Date: June 09, 2017 (last updated November 26, 2024)

SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function.

0

Attacker Value

Unknown

CVE-2017-2094

Disclosure Date: April 28, 2017 (last updated November 26, 2024)

Cybozu Garoon 3.0.0 to 4.2.3 allows remote authenticated attackers to bypass access restriction in Workflow and the "MultiReport" function to alter or delete information via unspecified vectors.

0