Lucene search
K

95 matches found

Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.4 views

PT-2026-24766

NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the script test.jsp endpoint. Attackers can send POST requests with shell commands embedded in the 'content'...

9.8CVSS6.5AI score0.00756EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2017-7800

Malware in sbrugna...

7.5CVSS7.6AI score0.02905EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-7798

Malware in sbrugna...

7.5CVSS7.6AI score0.02902EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-2658

Malware in sbrugna...

4.8CVSS5.1AI score0.00518EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-2659

Malware in sbrugna...

9CVSS7AI score0.03278EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2019/12/17 12:0 a.m.6 views

VulnCheck KEV: CVE-2017-16608

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within exec.jsp. The issue results from the lack of proper validation of a...

9.8CVSS7.7AI score0.04312EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/02 12:0 a.m.2 views

NetGain Enterprise Manager OS Command Injection Vulnerability

NetGain Enterprise Manager EM is a plug-and-play hardware IT infrastructure monitoring and management appliance developed by NetGain Systems. NetGain Enterprise Manager EM before 10.0.57 suffers from an OS command injection vulnerability that can be exploited by a remote authenticated attacker to...

9CVSS7.8AI score0.03278EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/02 12:0 a.m.3 views

NetGain Enterprise Manager Cross-Site Scripting Vulnerability

NetGain Enterprise Manager EM is a plug-and-play hardware IT infrastructure monitoring and management appliance developed by NetGain Systems. A stored cross-site scripting vulnerability exists in NetGain Enterprise Manager EM before 10.1.12, which can be exploited by remote attackers to execute...

4.8CVSS5.3AI score0.00518EPSS
Exploits0References1
OSV
OSV
added 2018/11/01 5:29 p.m.4 views

CVE-2018-10586

NetGain Enterprise Manager EM is affected by multiple Stored Cross-Site Scripting XSS vulnerabilities in versions before 10.1.12...

4.8CVSS5.8AI score0.00518EPSS
Exploits0References1
NVD
NVD
added 2018/11/01 5:29 p.m.13 views

CVE-2018-10586

NetGain Enterprise Manager EM is affected by multiple Stored Cross-Site Scripting XSS vulnerabilities in versions before 10.1.12...

4.8CVSS5.1AI score0.00518EPSS
Exploits0References1
NVD
NVD
added 2018/11/01 5:29 p.m.12 views

CVE-2018-10587

NetGain Enterprise Manager EM is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code execution...

9CVSS7.5AI score0.03278EPSS
Exploits0References1
OSV
OSV
added 2018/11/01 5:29 p.m.3 views

CVE-2018-10587

NetGain Enterprise Manager EM is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code execution...

7.2CVSS6.1AI score0.03278EPSS
Exploits0References1
Prion
Prion
added 2018/11/01 5:29 p.m.17 views

Cross site scripting

NetGain Enterprise Manager EM is affected by multiple Stored Cross-Site Scripting XSS vulnerabilities in versions before 10.1.12...

3.5CVSS5AI score0.00518EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/11/01 5:0 p.m.45 views

CVE-2018-10587

CVE-2018-10587 affects NetGain Enterprise Manager (EM) prior to version 10.0.57. The connected sources confirm an OS command injection vulnerability that can be exploited by a remote authenticated attacker to inject arbitrary code, resulting in remote code execution. The issue is documented acros...

9CVSS7.3AI score0.03278EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/11/01 5:0 p.m.13 views

CVE-2018-10586

NetGain Enterprise Manager EM is affected by multiple Stored Cross-Site Scripting XSS vulnerabilities in versions before 10.1.12...

5.1AI score0.00518EPSS
Exploits0References1
CVE
CVE
added 2018/11/01 5:0 p.m.43 views

CVE-2018-10586

Product: NetGain Enterprise Manager (EM). Vulnerability: Stored Cross-Site Scripting (XSS) affecting EM prior to version 10.1.12. The CNVD/NVD entries confirm multiple stored XSS vulnerabilities in EM, allowing remote attackers to execute arbitrary script code or access sensitive browser-based in...

4.8CVSS5AI score0.00518EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/11/01 5:0 p.m.14 views

CVE-2018-10587

NetGain Enterprise Manager EM is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code execution...

7.5AI score0.03278EPSS
Exploits0References1
OSV
OSV
added 2018/01/23 1:29 a.m.3 views

CVE-2017-16605

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

6.5CVSS5.9AI score
Exploits0References2
OSV
OSV
added 2018/01/23 1:29 a.m.4 views

CVE-2017-16608

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within exec.jsp. The issue results from the lack of proper validation of a...

9.8CVSS6.2AI score0.04312EPSS
Exploits0References2
OSV
OSV
added 2018/01/23 1:29 a.m.3 views

CVE-2017-16609

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within download.jsp. The issue results from the lack of proper validation ...

7.5CVSS5.7AI score0.02905EPSS
Exploits0References2
Rows per page
Query Builder