Lucene search
K

629 matches found

Prion
Prion
added 2008/01/29 8:0 p.m.19 views

Information disclosure

ManageEngine Applications Manager 8.1 build 8100 allows remote attackers to obtain sensitive information Home-Summary via an invalid URI, as demonstrated by the "/-" URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5CVSS6.7AI score0.01205EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2008/01/29 7:0 p.m.15 views

CVE-2008-0474

Multiple cross-site scripting XSS vulnerabilities in ManageEngine Applications Manager 8.1 build 8100 allow remote attackers to inject arbitrary web script or HTML via the 1 showlink parameter to jsp/DiscoveryProfiles.jsp; the 2 attributeIDs, 3 attributeToSelect, 4 redirectto, and 5 resourceid...

5.6AI score0.01446EPSS
Exploits0References3
CVE
CVE
added 2008/01/29 7:0 p.m.41 views

CVE-2008-0476

This CVE affects ManageEngine Applications Manager 8.1 build 8100. The issue is a missing authentication check on monitorType.do and unspecified pages, enabling remote attackers to obtain sensitive information and change settings via unspecified vectors. The provided sources note the vulnerabilit...

6.4CVSS6.5AI score0.01248EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2008/01/29 7:0 p.m.39 views

CVE-2008-0474

CVE-2008-0474 affects ManageEngine Applications Manager 8.1 build 8100. The vulnerability is a set of cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML via multiple parameters: showlink (jsp/DiscoveryProfiles.jsp); attributeIDs, attributeToSelect,...

4.3CVSS5.6AI score0.01446EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2008/01/29 7:0 p.m.16 views

CVE-2008-0476

ManageEngine Applications Manager 8.1 build 8100 does not check authentication for monitorType.do and unspecified other pages, which allows remote attackers to obtain sensitive information and change settings via unspecified vectors. NOTE: the provenance of this information is unknown; the detail...

6.5AI score0.01248EPSS
Exploits0References3
CVE
CVE
added 2008/01/29 7:0 p.m.49 views

CVE-2008-0475

The CVE-2008-0475 entry concerns ManageEngine Applications Manager 8.1 build 8100, where an information-disclosure vulnerability allows remote attackers to obtain sensitive data from Home->Summary via an invalid URI, demonstrated by the "/-" path. The issue is described as an information discl...

5CVSS6.2AI score0.01205EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/01/26 12:0 a.m.48 views

ManageEngine Applications Manager Invalid URL Remote Information Disclosure

The version of ManageEngine Applications Manager installed on the remote host is affected by an information disclosure vulnerability due to the application returning a summary of monitor groups and alerts in response to a request with an invalid URL. A remote attacker, using a URL with an invalid...

5CVSS5.2AI score0.01205EPSS
Exploits0References2
Prion
Prion
added 2007/10/17 11:17 p.m.32 views

Design/Logic Flaw

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and remote attack vectors, related to 1 Application Object Library component APP01, 2 Contracts Integration APP02, 3 Applications Manager APP04, 4 Marketing component APP05, and 5 Exchange component APP0...

7.5CVSS6.6AI score0.0187EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2007/04/18 6:19 p.m.19 views

CVE-2007-2127

Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.0 have unknown impact and remote attack vectors via 1 Application Object Library APPS04, iStore 2 APPS05 and 3 APPS06, 4 iSupport APPS07, 5 Trade Management APPS09, 6 Applications Manager APPS10, and 7 Oracle Report Manager APPS...

10CVSS6.3AI score0.02238EPSS
Exploits0References8
Rows per page
Query Builder