470 matches found
CVE-2007-3593
Multiple cross-site scripting XSS vulnerabilities in ManageEngine NetFlow Analyzer 5 allow remote attackers to inject arbitrary web script or HTML via the 1 alpha parameter in a netflow/jspui/applicationList.jsp, the 2 task parameter in b netflow/jspui/appConfig.jsp, the 3 view parameter in c...
CVE-2007-3593
CVE-2007-3593 involves multiple cross-site scripting (XSS) vulnerabilities in ManageEngine NetFlow Analyzer 5 . The flaws allow remote attackers to inject arbitrary web script or HTML through parameters in several JSP pages: (1) alpha in netflow/jspui/applicationList.jsp, (2) task in netflow/jspu...
NetFlow Analyzer 5 - jspuiappConfig.jsp?task Cross-Site Scripting
NetFlow Analyzer 5 - jspuiappConfig.jsp?task Cross-Site Scripting source: https://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
NetFlow Analyzer 5 - jspuiselectDevice.jsp?rtype Cross-Site Scripting
NetFlow Analyzer 5 - jspuiselectDevice.jsp?rtype Cross-Site Scripting source: https://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
NetFlow Analyzer 5 - '/jspui/applicationList.jsp?alpha' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...
NetFlow Analyzer 5 - netflowjspuiindex.jsp?view Cross-Site Scripting
NetFlow Analyzer 5 - netflowjspuiindex.jsp?view Cross-Site Scripting source: https://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
NetFlow Analyzer 5 - '/jspui/selectDevice.jsp?rtype' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...
NetFlow Analyzer 5 - jspuiapplicationList.jsp?alpha Cross-Site Scripting
NetFlow Analyzer 5 - jspuiapplicationList.jsp?alpha Cross-Site Scripting source: https://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues...
NetFlow Analyzer 5 - jspuicustomReport.jsp?rtype Cross-Site Scripting
NetFlow Analyzer 5 - jspuicustomReport.jsp?rtype Cross-Site Scripting...
NetFlow Analyzer 5 - '/jspui/appConfig.jsp?task' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...
NetFlow Analyzer 5 - 'netflow/jspui/index.jsp?view' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...
NetFlow Analyzer 5 - '/jspui/customReport.jsp?rtype' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24766/info NetFlow Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user ...
Default credentials
Cisco Network Services CNS NetFlow Collection Engine NFC before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system...
CVE-2007-2282
Cisco Network Services CNS NetFlow Collection Engine NFC before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system...
CVE-2007-2282
Cisco NetFlow Collection Engine (NFC) before version 6.0 is affected by a default credentials issue: the nfcuser account uses a default password, allowing remote attackers to modify NFC configuration and, on Linux, gain login access to the host OS. This is due to default accounts in NFC prior to ...
Cisco NetFlow Collection Engine contains known default passwords
Overview A vulnerability in the Cisco NetFlow Collection Engine could allow a remote attacker to gain access to a vulnerable system. Description The Cisco Network Services CNS NetFlow Collection Engine NFC is a software package for supported UNIX platforms and is used to collect and monitor NetFl...
Default Passwords in NetFlow Collection Engine
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cisco Network Services NetFlow Collection Engine default account
Account with hardcoded password is used for NetFlow information gathering...
Cisco Security Advisory: Default Passwords in NetFlow Collection Engine
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Default Passwords in NetFlow Collection Engine Advisory ID: cisco-sa-20070425-nfc http://www.cisco.com/warp/public/707/cisco-sa-20070425-nfc.shtml Revision 1.0 For Public Release 2007 April 25 1600 UTC GMT -...
CVE-2005-3522
Cross-site scripting XSS vulnerability in index.jsp in ManageEngine Netflow Analyzer 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the grDisp parameter...