629 matches found
Information disclosure
ManageEngine Applications Manager 8.1 build 8100 allows remote attackers to obtain sensitive information Home-Summary via an invalid URI, as demonstrated by the "/-" URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-0474
Multiple cross-site scripting XSS vulnerabilities in ManageEngine Applications Manager 8.1 build 8100 allow remote attackers to inject arbitrary web script or HTML via the 1 showlink parameter to jsp/DiscoveryProfiles.jsp; the 2 attributeIDs, 3 attributeToSelect, 4 redirectto, and 5 resourceid...
CVE-2008-0476
This CVE affects ManageEngine Applications Manager 8.1 build 8100. The issue is a missing authentication check on monitorType.do and unspecified pages, enabling remote attackers to obtain sensitive information and change settings via unspecified vectors. The provided sources note the vulnerabilit...
CVE-2008-0474
CVE-2008-0474 affects ManageEngine Applications Manager 8.1 build 8100. The vulnerability is a set of cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via multiple parameters: showlink (jsp/DiscoveryProfiles.jsp); attributeIDs, attributeToSelect,...
CVE-2008-0476
ManageEngine Applications Manager 8.1 build 8100 does not check authentication for monitorType.do and unspecified other pages, which allows remote attackers to obtain sensitive information and change settings via unspecified vectors. NOTE: the provenance of this information is unknown; the detail...
CVE-2008-0475
The CVE-2008-0475 entry concerns ManageEngine Applications Manager 8.1 build 8100, where an information-disclosure vulnerability allows remote attackers to obtain sensitive data from Home->Summary via an invalid URI, demonstrated by the "/-" path. The issue is described as an information discl...
ManageEngine Applications Manager Invalid URL Remote Information Disclosure
The version of ManageEngine Applications Manager installed on the remote host is affected by an information disclosure vulnerability due to the application returning a summary of monitor groups and alerts in response to a request with an invalid URL. A remote attacker, using a URL with an invalid...
Design/Logic Flaw
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and remote attack vectors, related to 1 Application Object Library component APP01, 2 Contracts Integration APP02, 3 Applications Manager APP04, 4 Marketing component APP05, and 5 Exchange component APP0...
CVE-2007-2127
Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 have unknown impact and remote attack vectors via 1 Application Object Library APPS04, iStore 2 APPS05 and 3 APPS06, 4 iSupport APPS07, 5 Trade Management APPS09, 6 Applications Manager APPS10, and 7 Oracle Report Manager APPS...