CVE-2013-6930

EUVD-2013-6731
SQL injection vulnerability in the page-navigation implementation in Cybozu Garoon 2.0.0 through 2.0.6, 2.1.0 through 2.1.3, 2.5.0 through 2.5.4, 3.0.0 through 3.0.3, 3.5.0 through 3.5.5, and 3.7.x before 3.7.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2013-6929.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
Affected Products (NVD)
VendorProductVersion
cybozugaroon
2.0:sp1
cybozugaroon
2.0:sp2
cybozugaroon
2.0:sp3
cybozugaroon
2.0:sp4
cybozugaroon
2.0:sp5
cybozugaroon
2.0:sp6
cybozugaroon
2.0.0
cybozugaroon
2.0.1
cybozugaroon
2.0.2
cybozugaroon
2.0.3
cybozugaroon
2.0.4
cybozugaroon
2.0.5
cybozugaroon
2.0.6
cybozugaroon
2.1:sp1
cybozugaroon
2.1:sp2
cybozugaroon
2.1:sp3
cybozugaroon
2.1.0
cybozugaroon
2.1.1
cybozugaroon
2.1.2
cybozugaroon
2.1.3
cybozugaroon
2.5.0
cybozugaroon
2.5.1
cybozugaroon
2.5.2
cybozugaroon
2.5.3
cybozugaroon
2.5.4
cybozugaroon
3.0.0
cybozugaroon
3.0.1
cybozugaroon
3.0.2
cybozugaroon
3.0.3
cybozugaroon
3.1.0
cybozugaroon
3.1.1
cybozugaroon
3.1.2
cybozugaroon
3.1.3
cybozugaroon
3.5.0
cybozugaroon
3.5.1
cybozugaroon
3.5.2
cybozugaroon
3.5.3
cybozugaroon
3.5.4
cybozugaroon
3.5.5
cybozugaroon
3.7.0
cybozugaroon
3.7.1
cybozugaroon
3.7.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://cs.cybozu.co.jp/information/20140127up02.php
http://jvn.jp/en/jp/JVN91153528/374951/index.html
http://jvn.jp/en/jp/JVN91153528/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000010
https://support.cybozu.com/ja-jp/article/7886
http://cs.cybozu.co.jp/information/20140127up02.php
http://jvn.jp/en/jp/JVN91153528/374951/index.html
http://jvn.jp/en/jp/JVN91153528/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000010
https://support.cybozu.com/ja-jp/article/7886