CVE-2014-8036

CVE-2014-8036 affects the outlookpa component in Cisco WebEx Meetings Server, where improper sanitization/validation of API input enables an unauthenticated, remote attacker to modify the invite list of scheduled meetings via crafted URL requests. The vulnerability stems from insufficient input v...

CVE-2014-8036

The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which allows remote attackers to modify a meeting's invite list via a crafted URL, aka Bug ID CSCuj40254...

Multiple SQL injection vulnerabilities in Cybozu Garoon

Overview Cybozu Garoon contains multiple SQL injection vulnerabilities. Cybozu Garoon contains issues in the process of page navigation link and input through API, which may result in SQL injection. Note that this vulnerability is different from JVN60997973. Impact A user who can log in to the...

CVE-2013-6929

SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted API input...

CVE-2013-6929

SQL injection vulnerability in Cybozu Garoon 3.7 SP2 and earlier allows remote authenticated users to execute arbitrary SQL commands via crafted API input...

CVE-2008-4805

Multiple cross-site scripting XSS vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via 1 the community title, 2 API input, and vectors related to the 3 Homepage, 4 Blogs, 5 Profiles, 6 Dogear, 7 Activities, and 8 Global Search...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via 1 the community title, 2 API input, and vectors related to the 3 Homepage, 4 Blogs, 5 Profiles, 6 Dogear, 7 Activities, and 8 Global Search...