149 matches found
CVE-2019-12537
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field...
CVE-2019-12596
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType...
CVE-2019-12595
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter...
CVE-2019-12597
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName...
Design/Logic Flaw
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field...
Design/Logic Flaw
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName...
Design/Logic Flaw
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType...
Cross site scripting
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter...
CVE-2019-12537
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field...
CVE-2019-12537
Zoho ManageEngine AssetExplorer is affected by a cross-site scripting (XSS) issue exposed via the SearchN.do search field. Multiple connected sources corroborate that the vulnerability enables XSS through this input point; however, none of the documents provide a concrete patch, fixed version, or...
CVE-2019-12595
Zoho ManageEngine AssetExplorer is affected by CVE-2019-12595 due to a cross-site scripting (XSS) vulnerability in the RCSettings.do rdsName parameter. The issue is documented with CVSS2 base 4.3 (MEDIUM) and CVSS3.1 base 6.1 (MEDIUM). Exploitation context and details vary across sources; no expl...
CVE-2019-12595
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter...
CVE-2019-12596
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType...
CVE-2019-12596
CVE-2019-12596 concerns Zoho ManageEngine AssetExplorer. Multiple sources confirm a cross-site scripting (XSS) vulnerability exploitable via the web endpoint SoftwareListView.do when using the parameters swType or swComplianceType. The issue is described consistently across NVD, Red Hat, CNVD, CV...
CVE-2019-12597
Zoho ManageEngine AssetExplorer is affected by a cross-site scripting (XSS) vulnerability described as CVE-2019-12597. The issue arises in ResourcesAttachments.jsp via the pageName parameter, enabling XSS. Multiple connected sources (Red Hat, CNVD, NVD mirrors, CVE lists, and vendor/security feed...
CVE-2019-12597
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName...
PT-2019-12884 · Zoho · Zoho Manageengine Assetexplorer
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine AssetExplorer affected versions not specified Description: An issue was discovered in Zoho ManageEngine AssetExplorer, where there is a cross-site scripting XSS issue via the ResourcesAttachments.jsp page with the pageName...
PT-2019-12841 · Zoho · Zoho Manageengine Assetexplorer
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine AssetExplorer affected versions not specified Description: An issue was discovered in Zoho ManageEngine AssetExplorer, where there is a cross-site scripting XSS issue via the "SearchN.do" search field. This allows for...
ZOHO ManageEngine AssetExplorer Cross-Site Scripting Vulnerability (CNVD-2018-20552)
ZOHO ManageEngine AssetExplorer is a suite of asset management software from ZOHO USA. The software provides asset tracking, scanning of IT assets and tracking of asset ownership. A cross-site scripting vulnerability exists in ZOHO ManageEngine AssetExplorer version 6.2.0, which can be exploited ...
CVE-2018-17596
In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter...