CVE-2015-5646 Information

Description

Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute arbitrary PHP code via unspecified vectors aka CyVDB-863 and CyVDB-867.

Reference

http://jvn.jp/en/jp/JVN21025396/374951/index.html http://jvn.jp/en/jp/JVN21025396/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000151 https://support.cybozu.com/ja-jp/article/8809 https://support.cybozu.com/ja-jp/article/8811