RSS   Vulnerabilities for 'Office'   RSS

2019-01-09
 
CVE-2018-0704

CWE-22
 

 
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via Keitai Screen.

 
 
CVE-2018-0703

CWE-22
 

 
Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.1 allows remote attackers to delete arbitrary files via HTTP requests.

 
2018-06-26
 
CVE-2018-0567

CWE-284
 

 
Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass access restriction to access and write non-public data via unspecified vectors.

 
 
CVE-2018-0566

CWE-264
 

 
Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the schedules without access privilege via unspecified vectors.

 
 
CVE-2018-0565

CWE-79
 

 
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 
 
CVE-2018-0529

CWE-20
 

 
Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors.

 
 
CVE-2018-0528

CWE-287
 

 
Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors.

 
 
CVE-2018-0527

CWE-79
 

 
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 
 
CVE-2018-0526

CWE-200
 

 
Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an image located in an external server via unspecified vectors.

 
2017-10-12
 
CVE-2017-10857

 

 
Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function.

 


Copyright 2019, cxsecurity.com

 

Back to Top