|
268061
|
8.1 |
HIGH
Network
|
cybozu
|
garoon
|
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended restrictions on reading, creating, or modifying a portlet via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-1189
|
2024-11-21 11:45 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268062
|
6.5 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to send spoofed e-mail messages via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2016-1188
|
2024-11-21 11:45 |
2016-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268063
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerabilit…
|
CWE-264
CWE-200
Permissions, Privileges, and Access Controls
Information Exposure
|
CVE-2016-1196
|
2024-11-21 11:45 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268064
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Directory traversal vulnerability in the logging implementation in Cybozu Garoon 3.7 through 4.2 allows remote authenticated users to read a log file via unspecified vectors.
|
CWE-22
CWE-200
Path Traversal
Information Exposure
|
CVE-2016-1192
|
2024-11-21 11:45 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268065
|
5.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Directory traversal vulnerability in the Files function in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to modify settings via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2016-1191
|
2024-11-21 11:45 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268066
|
6.1 |
MEDIUM
Network
|
trendmicro
|
internet_security
|
Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1226
|
2024-11-21 11:45 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268067
|
6.5 |
MEDIUM
Network
|
trendmicro
|
internet_security
|
Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-1225
|
2024-11-21 11:45 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268068
|
6.1 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1197
|
2024-11-21 11:45 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268069
|
7.4 |
HIGH
Network
|
cybozu
|
garoon
|
Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
|
NVD-CWE-Other
|
CVE-2016-1195
|
2024-11-21 11:45 |
2016-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268070
|
6.1 |
MEDIUM
Network
|
trendmicro
|
worry-free_business_security
worry-free_business_security_services
|
CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 allows remote attackers to inject arbitrary HTTP headers and conduct cross-si…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1224
|
2024-11-21 11:45 |
2016-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
