|
200691
|
6.5 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to cause a denial of service (DoS) condition via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2021-20804
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200692
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Operation restriction bypass in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to alter the data of the management screen.
|
CWE-863
Incorrect Authorization
|
CVE-2021-20803
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200693
|
5.3 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product.
|
CWE-74
Injection
|
CVE-2021-20802
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200694
|
6.5 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the information stored in the product via unspecified vectors. This…
|
CWE-611
XXE
|
CVE-2021-20801
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200695
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20800
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200696
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20799
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200697
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20798
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200698
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site script inclusion vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to obtain the information stored in the product. This issue oc…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20797
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200699
|
6.5 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Directory traversal vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to upload an arbitrary file via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2021-20796
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200700
|
8.8 |
HIGH
Network
|
cybozu
|
remote_service_manager
|
Cross-site request forgery (CSRF) vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to hijack the authentication of administrators and unintended…
|
CWE-352
Origin Validation Error
|
CVE-2021-20795
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
