235 matches found
CVE-2019-7423
CVE-2019-7423 affects Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2. The vulnerability is a Cross‑Site Scripting (XSS) in the Administration zone, in /netflow/jspui/editProfile.jsp, through the userName parameter. Root cause: likely improper handling/ sanitization of userName. Document...
CVE-2019-7423
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter...
CVE-2019-7422
CVE-2019-7422 affects Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2, with an XSS in the Administration zone /netflow/jspui/addMailSettings.jsp via the gF parameter. The connected PoC indicates exploitation of gF to inject script; remediation guidance in the packetStorm post suggests up...
CVE-2019-7422
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter...
Zoho ManageEngine Netflow Analyzer Cross-Site Scripting Vulnerability (CNVD-2019-05554)
ZOHO ManageEngine Netflow Analyzer is a set of Web-based broadband monitoring tools from ZOHO. A cross-site scripting vulnerability exists in Zoho ManageEngine Netflow Analyzer. No details of the vulnerability are provided at this time...
Zoho ManageEngine Netflow Analyzer Cross-Site Scripting Vulnerability (CNVD-2019-05552)
ZOHO ManageEngine Netflow Analyzer is a set of Web-based broadband monitoring tools from ZOHO. A cross-site scripting vulnerability exists in Zoho ManageEngine Netflow Analyzer. No details of the vulnerability are provided at this time...
Zoho ManageEngine Netflow Analyzer Cross-Site Scripting Vulnerability (CNVD-2019-05553)
ZOHO ManageEngine Netflow Analyzer is a set of Web-based broadband monitoring tools from ZOHO. A cross-site scripting vulnerability exists in Zoho ManageEngine Netflow Analyzer. No details of the vulnerability are provided at this time...
ZOHO ManageEngine Netflow Analyzer Cross-Site Scripting Vulnerability (CNVD-2019-32076)
ZOHO ManageEngine Netflow Analyzer is a set of Web-based bandwidth monitoring tools from ZOHO. The product is mainly used for bandwidth monitoring and traffic analysis. A cross-site scripting vulnerability exists in the /netflow/jspui/popup1.jsp file in ZOHO ManageEngine Netflow Analyzer...
ZOHO ManageEngine Netflow Analyzer Path Traversal Vulnerability
ZOHO ManageEngine Netflow Analyzer is a set of Web-based bandwidth monitoring tools from ZOHO. The product is mainly used for bandwidth monitoring and traffic analysis. A path traversal vulnerability exists in /netflow/servlet/CReportPDFServlet in ZOHO ManageEngine Netflow Analyzer Professional...
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal / Cross-Site Scripting
Exploit for jsp platform in category web applications !-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manageengine.com/products/netflow/?doc...
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 Traversal / XSS
!-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manageengine.com/products/netflow/?doc Softwa...
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal Cross-Site Scripting
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal Cross-Site Scripting !-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manage...
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal / Cross-Site Scripting
!-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manageengine.com/products/netflow/?doc Software Link: https://www.ma...
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 XSS
!-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manageengine.com/products/netflow/?doc Software Link:...
SolarWinds NetFlow Traffic Analyzer (NTA) Detection (Windows SMB Login)
SMB login-based detection of SolarWinds NetFlow Traffic Analyzer NTA. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Zoho ManageEngine 13 (13790 build) XSS / File Read / File Deletion
This issue has been reported to the vendor who has already published patches for this issue. https://www.manageengine.com/products/applicationsmanager/issues.html ========================== Advisory:Zoho manageengine Applications Manager Reflected XSSVulnerability Author: M3 From DBAppSecurity...
Access Control Error Vulnerability in Multiple ZOHO Products
ZOHO ManageEngine Netflow Analyzer is a web-based bandwidth monitoring tool, and Network Configuration Manager is a suite of network configuration management, network change and configuration management NCCM software for configuring switches, routers, firewalls and other network devices. Network...
CVE-2018-12997
Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows attackers to read certain...
Cross site scripting
A reflected Cross-site scripting XSS vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject...
CVE-2018-12998
A reflected Cross-site scripting XSS vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject...