|
258861
|
- |
|
cybozu
|
garoon
|
The server in Cybozu Garoon before 3.7 SP1 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
|
CWE-399
Resource Management Errors
|
CVE-2013-6002
|
2014-01-4 00:31 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258862
|
- |
|
cybozu
|
garoon
|
SQL injection vulnerability in the Space function in Cybozu Garoon before 3.7 SP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2013-6001
|
2014-01-4 00:22 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258863
|
- |
|
cybozu
|
garoon
|
CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, when Phone Messages forwarding is enabled, allows remote authenticated users to inject arbitrary e-mail headers via unspecified vect…
|
CWE-20
Improper Input Validation
|
CVE-2013-6003
|
2014-01-4 00:21 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258864
|
- |
|
cybozu
|
garoon
|
Session fixation vulnerability in Cybozu Garoon before 3.7.2 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-6004
|
2014-01-4 00:20 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258865
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in the system-administration component in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6900
|
2014-01-4 00:20 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258866
|
- |
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in the Space function in Cybozu Garoon before 3.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2013-6902
|
2014-01-4 00:19 |
2013-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258867
|
- |
|
projectforge
|
projectforge
|
Cross-site scripting (XSS) vulnerability in ProjectForge before 3.5.3 allows remote authenticated users to inject arbitrary web script or HTML via a validation message.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5269
|
2014-01-3 03:21 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258868
|
- |
|
op5
|
monitor
|
op5 Monitor and op5 Appliance before 5.5.0 do not properly manage session cookies, which allows remote attackers to have an unspecified impact via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0264
|
2014-01-3 01:39 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258869
|
- |
|
op5
|
monitor
|
monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows remote authenticated users to obtain sensitive information such as database and user credentials via error messages that are tri…
|
CWE-200
Information Exposure
|
CVE-2012-0263
|
2014-01-3 01:35 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258870
|
- |
|
op5
|
monitor
system-op5config
|
op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password paramet…
|
CWE-94
Code Injection
|
CVE-2012-0262
|
2014-01-3 01:32 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
