11 matches found
CVE-2024-31402
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos...
CVE-2024-31402
Incorrect authorization vulnerability in Cybozu Garoon 5.0.0 to 5.15.2 allows a remote authenticated attacker to delete the data of Shared To-Dos...
Cross-site Scripting (XSS) - Stored in tsolucio/corebos
Description Stored XSS in Subject in To Dos Proof of Concept // PoC Request POST /corebos/index.php HTTP/1.1 Host: 127.0.0.1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.15; rv:93.0 Gecko/20100101 Firefox/93.0 Accept:...
CVE-2016-7801
Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors...
CVE-2016-7801
Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors...
Authentication flaw
Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors...
CVE-2016-7801
Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to bypass access restrictions to delete other users' To-Dos via unspecified vectors...
CVE-2016-7801
CVE-2016-7801 affects Cybozu Garoon 3.0.0 to 4.2.2. The vulnerability is a failure to enforce access restrictions on To-Dos in the Space function, enabling remote attackers to delete other users’ To-Dos via unspecified vectors. Public details across sources confirm an access-control flaw in To-Do...
Cybozu Garoon fails to restrict access permission in To-Dos of Space function
Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains an access restriction flaw in To-Dos of Space function. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the...
JVN#14631222: Cybozu Garoon fails to restrict access permissions
Cybozu Garoon provided by Cybozu,Inc. is a groupware. Cybozu Garoon contains following multiple vulnerabilities in restricting access permissions. Access restriction flaw in the RSS settings - CVE-2016-4908 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N|...
Studio Lounge Address Book 2.5 - Authentication Bypass
----------------------------بسم الله الرØمن الرØيم----------------------------- Download: http://www.studiolounge.net/2007/08/17/address-book-25 Software: Studio Lounge Address Book 2.5 author: ThE g0bL!N Home: WWW.h4ckf0ru.com Chi3arona houa : Serra7 merra7 , koulchi mderra7...