CVE-2013-6931
published 2014-01-29CVE-2013-6931: SQL injection vulnerability in the API in Cybozu Garoon 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified…
PriorityP433medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EPSS
1.04%
59.7th percentile
SQL injection vulnerability in the API in Cybozu Garoon 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
| cybozu | garoon | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x7vq-rqx8-2699: SQL injection vulnerability in the download feature in Cybozu Garoon 2
ghsa_unreviewed·2022-05-17·CVSS 6.5
CVE-2014-0821 [MEDIUM] CWE-89 GHSA-x7vq-rqx8-2699: SQL injection vulnerability in the download feature in Cybozu Garoon 2
SQL injection vulnerability in the download feature in Cybozu Garoon 2.x through 2.5.4 and 3.x through 3.7 SP3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6930 and CVE-2013-6931.
GHSA
GHSA-99g8-84wq-7g3x: SQL injection vulnerability in the API in Cybozu Garoon 3
ghsa_unreviewed·2022-05-17·CVSS 6.5
CVE-2013-6931 [MEDIUM] CWE-89 GHSA-99g8-84wq-7g3x: SQL injection vulnerability in the API in Cybozu Garoon 3
SQL injection vulnerability in the API in Cybozu Garoon 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://cs.cybozu.co.jp/information/20140127up03.phphttp://jvn.jp/en/jp/JVN91153528/374951/index.htmlhttp://jvn.jp/en/jp/JVN91153528/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2014-000010https://support.cybozu.com/ja-jp/article/7888http://cs.cybozu.co.jp/information/20140127up03.phphttp://jvn.jp/en/jp/JVN91153528/374951/index.htmlhttp://jvn.jp/en/jp/JVN91153528/index.htmlhttp://jvndb.jvn.jp/jvndb/JVNDB-2014-000010https://support.cybozu.com/ja-jp/article/7888
2014-01-29
Published