Lucene search
K

105 matches found

Prion
Prion
added 2018/01/23 1:29 a.m.16 views

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.699 build 1001. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific...

4CVSS6.5AI score0.03391EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/01/23 1:29 a.m.3 views

CVE-2017-16592

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific...

6.5CVSS5.3AI score0.03391EPSS
Exploits0References1
NVD
NVD
added 2018/01/23 1:29 a.m.19 views

CVE-2017-16592

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific...

6.5CVSS6.5AI score0.03391EPSS
Exploits0References1
Prion
Prion
added 2018/01/23 1:29 a.m.10 views

Design/Logic Flaw

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

4CVSS6.5AI score0.02116EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/01/23 1:0 a.m.22 views

CVE-2017-16604

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

6.6AI score0.02264EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/23 1:0 a.m.20 views

CVE-2017-16600

This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

6.5AI score0.02409EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/01/23 1:0 a.m.22 views

CVE-2017-16601

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

6.6AI score0.02264EPSS
Exploits0References1
CVE
CVE
added 2018/01/23 1:0 a.m.43 views

CVE-2017-16596

NetGain Systems Enterprise Manager 7.2.730 build 1034 is affected by CVE-2017-16596 due to a directory traversal/ improper validation flaw in the org.apache.jsp.u.jsp.designer.script_005fsamples_jsp servlet, which runs on port 8081 by default. Parsing the type parameter allows an attacker to use ...

6.5CVSS6.5AI score0.03391EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/01/23 1:0 a.m.52 views

CVE-2017-16591

NetGain Systems Enterprise Manager vulnerability CVE-2017-16591 involves the restore.download_005fdo_jsp servlet. The flaw arises when parsing the filename parameter, where user-supplied paths are not properly validated before file operations, enabling directory traversal. This affects installati...

6.5CVSS6.5AI score0.03391EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/01/23 1:0 a.m.50 views

CVE-2017-16590

CVE-2017-16590 affects NetGain Systems Enterprise Manager 7.2.699 build 1001. The vulnerability is in the MainFilter servlet where doFilter uses improper string matching, enabling an authentication bypass. It is a remote issue that requires user interaction to exploit and can allow an attacker to...

8.8CVSS8.9AI score0.03333EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/01/23 1:0 a.m.19 views

CVE-2017-16593

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

6.6AI score0.02116EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/23 1:0 a.m.25 views

CVE-2017-16596

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific...

6.5AI score0.03391EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/23 1:0 a.m.19 views

CVE-2017-17407

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager v7.2.699 build 1001. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the content parameter provided ...

9.7AI score0.0386EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/23 1:0 a.m.25 views

CVE-2017-16598

This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed...

8.9AI score0.04123EPSS
Exploits0References1
CVE
CVE
added 2018/01/23 1:0 a.m.40 views

CVE-2017-16597

CVE-2017-16597 affects NetGain Systems Enterprise Manager 7.2.730 build 1034. The issue is in TFtpServer handling of WRQ requests, where parsing of the Filename field does not properly validate a user-supplied path before using it in file operations, enabling remote code execution. Exploitation i...

9.8CVSS9.7AI score0.57295EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/01/23 1:0 a.m.55 views

CVE-2017-16600

NetGain Systems Enterprise Manager 7.2.730 build 1034 is affected by CVE-2017-16600 due to a directory traversal in the org.apache.jsp.u.jsp.reports.templates.network.traffic_005freport_jsp servlet. The flaw occurs when parsing the filename parameter, which is used for file operations without pro...

6.5CVSS6.5AI score0.02409EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/01/23 1:0 a.m.16 views

CVE-2017-16597

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ requests. When parsing the...

9.7AI score0.57295EPSS
Exploits0References1
CVE
CVE
added 2018/01/23 1:0 a.m.46 views

CVE-2017-16606

NetGain Systems Enterprise Manager 7.2.730 build 1034 is affected by CVE-2017-16606. The flaw is in the servlet org.apache.jsp.u.jsp._3d.add_005f3d_005fview_005fdo_jsp, which listens on TCP port 8081 by default. During parsing of the filename parameter, the application does not properly validate ...

8.8CVSS8.9AI score0.04123EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/01/23 1:0 a.m.47 views

CVE-2017-16603

CVE-2017-16603 affects NetGain Systems Enterprise Manager 7.2.730 build 1034. The flaw is in the org.apache.jsp.u.jsp.settings.upload_005ffile_005fdo_jsp servlet (port 8081 by default) where filename parameter handling fails to properly validate user-supplied data, allowing an attacker to upload ...

8.8CVSS9AI score0.54025EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/01/23 1:0 a.m.26 views

CVE-2017-16590

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of NetGain Systems Enterprise Manager 7.2.699 build 1001. User interaction is required to exploit this vulnerability. The specific flaw exists within the MainFilter servlet. The issue results from the...

8.9AI score0.03333EPSS
Exploits0References1
Rows per page
Query Builder