CVE-2013-0701 Information

Description

SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging privilege.

Reference

http://cs.cybozu.co.jp/information/20130125up02.php http://jvn.jp/en/jp/JVN07629635/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000007