SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.6
EPSS Score
0.11%
Published
2019-09-12
Updated
2019-09-13
SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allows attacker with administrator rights to execute arbitrary SQL commands via the Log Search function of application 'logging'.
Max CVSS
7.2
EPSS Score
0.09%
Published
2019-05-17
Updated
2019-05-20
SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
8.8
EPSS Score
0.11%
Published
2018-07-26
Updated
2018-09-24
SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
8.8
EPSS Score
0.11%
Published
2018-04-16
Updated
2018-05-17
SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function.
Max CVSS
8.8
EPSS Score
0.15%
Published
2017-06-09
Updated
2017-06-13
SQL injection vulnerability in Cybozu Garoon before 4.2.2.
Max CVSS
8.8
EPSS Score
0.26%
Published
2017-04-20
Updated
2017-04-25
SQL injection vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6930 and CVE-2013-6931.
Max CVSS
6.5
EPSS Score
0.26%
Published
2014-02-27
Updated
2015-08-13
SQL injection vulnerability in the API in Cybozu Garoon 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929.
Max CVSS
6.5
EPSS Score
0.26%
Published
2014-01-29
Updated
2014-02-21
SQL injection vulnerability in the page-navigation implementation in Cybozu Garoon 2.0.0 through 2.0.6, 2.1.0 through 2.1.3, 2.5.0 through 2.5.4, 3.0.0 through 3.0.3, 3.5.0 through 3.5.5, and 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929.
Max CVSS
6.5
EPSS Score
0.26%
Published
2014-01-29
Updated
2014-02-21
SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted API input.
Max CVSS
6.5
EPSS Score
0.19%
Published
2013-12-28
Updated
2013-12-30
SQL injection vulnerability in the Space function in Cybozu Garoon before 3.7 SP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
6.5
EPSS Score
0.26%
Published
2013-12-05
Updated
2014-01-03
SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging privilege.
Max CVSS
6.0
EPSS Score
0.15%
Published
2013-02-14
Updated
2013-02-14
Multiple SQL injection vulnerabilities in Cybozu Garoon 2.1.0 for Windows allow remote authenticated users to execute arbitrary SQL commands via the (1) tid parameter in the (a) todo/view (aka TODO List View), (b) todo/modify (aka TODO List Modify), or (c) todo/delete functionality; the (2) pid parameter in the (d) workflow/view or (e) workflow/print functionality; the (3) uid parameter in the (f) schedule/user_view, (g) phonemessage/add, (h) phonemessage/history, or (i) schedule/view functionality; the (4) cid parameter in (j) todo/index; the (5) iid parameter in the (k) memo/view or (l) memo/print functionality; or the (6) event parameter in the (m) schedule/view functionality.
Max CVSS
6.5
EPSS Score
0.42%
Published
2006-08-29
Updated
2017-07-20
13 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!