Lucene search
K

235 matches found

CNNVD
CNNVD
added 2021/10/13 12:0 a.m.4 views

ZOHO ManageEngine OpManager SQL注入漏洞

ZOHO ManageEngine OpManager is an end-to-end integrated network management software that enables comprehensive, visual, unified and centralized monitoring and management of IT infrastructure, including network devices, servers, hosts, WAN links, applications and services, within an enterprise...

9.8CVSS6AI score0.03323EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/30 12:0 a.m.4 views

Plixer Scrutinizer NetFlow & sFlow Analyzer SQL注入漏洞

Plixer Scrutinizer is a network traffic analysis system that collects, analyzes, visualizes, and reports data from every network conversation and digital transaction to provide security and network intelligence. A SQL injection vulnerability exists in Plixer Scrutinizer version 19.0.2. An attacke...

7.5CVSS5.9AI score0.00984EPSS
Exploits0References3
Prion
Prion
added 2020/01/09 8:15 p.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in cgi-bin/scrutfaexclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter...

4.3CVSS6AI score0.02224EPSS
Exploits5References5Affected Software1
Cvelist
Cvelist
added 2020/01/09 7:47 p.m.28 views

CVE-2012-1260

Cross-site scripting XSS vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allows remote attackers to inject arbitrary web script or HTML via the newUser parameter. NOTE: this might not ...

6.3AI score0.02256EPSS
Exploits5References5
Cvelist
Cvelist
added 2020/01/09 7:47 p.m.19 views

CVE-2012-1259

Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the 1 addip parameter to cgi-bin/scrutfaexclusions.cgi, 2...

10AI score0.04247EPSS
Exploits7References5
CNVD
CNVD
added 2019/06/10 12:0 a.m.2 views

ZOHO ManageEngine Netflow Analyzer SQL Injection Vulnerability

ZOHO ManageEngine Netflow Analyzer is a set of web-based bandwidth monitoring tools. A SQL injection vulnerability exists in ZOHO ManageEngine Netflow Analyzer /client/api/json/v2/nfareports/compareReport, which can be exploited by remote attackers to submit a specially crafted SQL request to...

9.8CVSS8.3AI score0.69071EPSS
Exploits0References1
NVD
NVD
added 2019/06/05 6:29 p.m.24 views

CVE-2019-12196

A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter...

9.8CVSS9.9AI score0.69071EPSS
Exploits0References2
OSV
OSV
added 2019/06/05 6:29 p.m.3 views

CVE-2019-12196

A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter...

9.8CVSS7.6AI score
Exploits0References2
Prion
Prion
added 2019/06/05 6:29 p.m.13 views

Sql injection

A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter...

7.5CVSS9.8AI score0.69071EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/06/05 5:37 p.m.20 views

CVE-2019-12196

A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows attackers to execute arbitrary SQL commands via the DeviceID parameter...

10AI score0.69071EPSS
Exploits0References2
CVE
CVE
added 2019/06/05 5:37 p.m.60 views

CVE-2019-12196

CVE-2019-12196 affects Zoho ManageEngine NetFlow Analyzer 12.3, with a SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport. The issue is exploitable via the DeviceID parameter, allowing an attacker to execute arbitrary SQL commands. Public references across sources (NVD, R...

9.8CVSS9.8AI score0.69071EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2019/05/17 3:29 p.m.14 views

CVE-2019-8927

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, repschedule, repType, schDesc,...

6.1CVSS6AI score0.06347EPSS
Exploits5References4
OSV
OSV
added 2019/05/17 3:29 p.m.4 views

CVE-2019-8927

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, repschedule, repType, schDesc,...

6.1CVSS5.8AI score0.06347EPSS
Exploits5References4
Prion
Prion
added 2019/05/17 3:29 p.m.20 views

Cross site scripting

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype...

4.3CVSS6AI score0.11151EPSS
Exploits4References4Affected Software1
OSV
OSV
added 2019/05/17 3:29 p.m.4 views

CVE-2019-8929

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype...

6.1CVSS6.4AI score0.11151EPSS
Exploits4References4
Prion
Prion
added 2019/05/17 3:29 p.m.17 views

Cross site scripting

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, repschedule, repType, schDesc,...

4.3CVSS6AI score0.06347EPSS
Exploits5References4Affected Software1
NVD
NVD
added 2019/05/17 3:29 p.m.20 views

CVE-2019-8928

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName...

6.1CVSS6AI score0.06311EPSS
Exploits5References4
OSV
OSV
added 2019/05/17 3:29 p.m.5 views

CVE-2019-8928

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName...

6.1CVSS6.4AI score0.06311EPSS
Exploits5References4
Prion
Prion
added 2019/05/17 3:29 p.m.12 views

Cross site scripting

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName...

4.3CVSS6AI score0.06311EPSS
Exploits5References4Affected Software1
NVD
NVD
added 2019/05/17 3:29 p.m.23 views

CVE-2019-8929

An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype...

6.1CVSS6.1AI score0.11151EPSS
Exploits4References4
Rows per page
Query Builder