|
196941
|
8.8 |
HIGH
Network
|
og_tags_project
|
og_tags
|
Cross-site request forgery (CSRF) vulnerability in OG Tags versions prior to 2.0.2 allows a remote attacker to hijack the authentication of administrators and unintended operation may be performed vi…
|
CWE-352
Origin Validation Error
|
CVE-2021-20831
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196942
|
6.1 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.0.0 to 3.1.9 allows a remote attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20807
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196943
|
6.1 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-601
Open Redirect
|
CVE-2021-20806
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196944
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.7 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20805
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196945
|
6.5 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to cause a denial of service (DoS) condition via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2021-20804
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196946
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Operation restriction bypass in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to alter the data of the management screen.
|
CWE-863
Incorrect Authorization
|
CVE-2021-20803
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196947
|
5.3 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote attacker to alter the information stored in the product.
|
CWE-74
Injection
|
CVE-2021-20802
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196948
|
6.5 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to conduct XML External Entity (XXE) attacks and obtain the information stored in the product via unspecified vectors. This…
|
CWE-611
XXE
|
CVE-2021-20801
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196949
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20800
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196950
|
5.4 |
MEDIUM
Network
|
cybozu
|
remote_service_manager
|
Cross-site scripting vulnerability in the management screen of Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2021-20799
|
2024-11-21 14:47 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
