2 matches found
CVE-2018-0530
CVE-2018-0530 is a SQL injection vulnerability in Cybozu Garoon, affecting versions 3.5.0 through 4.2.6. It enables remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors in the application address component. The issue is documented across multiple sources (NVD, ...
JVN#65268217: Multiple vulnerabilities in Cybozu Garoon
Cybozu Garoon provided by Cybozu, Inc. contains multiple vulnerabilities listed below. SQL injection in the application "Address" CWE-89 - CVE-2018-0530 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N| Base Score: 6.5 CVSS v2| AV:N/AC:L/Au:S/C:P/I:N/A:N|...