SQL Injection Vulnerability in Cybozu Garoon 4.0.0 to 4.10.0: Arbitrary SQL Command Execution via Log Search

SQL Injection Vulnerability in Cybozu Garoon 4.0.0 to 4.10.0: Arbitrary SQL Command Execution via Log Search

CVE-2019-5934 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allows attacker with administrator rights to execute arbitrary SQL commands via the Log Search function of application 'logging'.

Learn more about our Web Application Penetration Testing UK.