601 matches found
ManageEngine OpManager Login.do Multiple Parameter XSS
The remote host is running ManageEngine OpManager, a web-based network management application. The version of ManageEngine OpManager installed on the remote host fails to sanitize user input to the 'requestid' parameter of the 'jsp/Login.do' script before using it to generate dynamic content. An...
netflow-xss.txt
NetFlow Analizer 5 & OpManager 7 multiple XSS vendor url:http://www.adventnet.com/ advisore:http://lostmon.blogspot.com/2007/07/ netflow-analizer-5-opmanager-7-multiple.html vendor notify:yes exploits include:yes NetFlow Analizer and OpManager contains a flaw that allows a remote cross site...
CVE-2007-3594
Multiple cross-site scripting XSS vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter in a ping.do and b traceRoute.do in map/; the 2 reportName, 3 displayName, and 4 selectedNode parameters to c...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter in a ping.do and b traceRoute.do in map/; the 2 reportName, 3 displayName, and 4 selectedNode parameters to c...
CVE-2007-3594
Multiple cross-site scripting XSS vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter in a ping.do and b traceRoute.do in map/; the 2 reportName, 3 displayName, and 4 selectedNode parameters to c...
CVE-2007-3594
CVE-2007-3594 (OpManager) describes multiple cross-site scripting (XSS) vulnerabilities in ManageEngine OpManager 6 and 7. The issue allows remote attackers to inject arbitrary web script or HTML through several parameters across different URLs: (a) name in map/ping.do and map/traceRoute.do; (b) ...
OpManager 67 - adminServiceConfiguration.do?Operation Cross-Site Scripting
OpManager 67 - adminServiceConfiguration.do?Operation Cross-Site Scripting source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
OpManager 67 - traceRoute.do?name Cross-Site Scripting
OpManager 67 - traceRoute.do?name Cross-Site Scripting source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...
OpManager 67 - ping.do?name Cross-Site Scripting
OpManager 67 - ping.do?name Cross-Site Scripting source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script co...
OpManager 67 - reportsReportViewAction.do Multiple Cross-Site Scripting Vulnerabilities
OpManager 67 - reportsReportViewAction.do Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage thes...
OpManager 67 - adminDeviceAssociation.do Multiple Cross-Site Scripting Vulnerabilities
OpManager 67 - adminDeviceAssociation.do Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...
OpManager 6/7 - 'traceRoute.do?name' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
OpManager 6/7 - 'ping.do?name' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
OpManager 6/7 - reports/ReportViewAction.do Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
OpManager 6/7 - '/admin/DeviceAssociation.do' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
OpManager 6/7 - 'admin/ServiceConfiguration.do?Operation' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
CVE-2006-2343
Cross-site scripting XSS vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...
CVE-2006-2343
The provided documents identify CVE-2006-2343 as a cross-site scripting (XSS) vulnerability in ManageEngine OpManager 6.0, affecting the Search.do path via the searchTerm parameter. The root cause is improper handling of user-supplied input leading to injected web script/HTML. Impact is remote co...
CVE-2006-2343
Cross-site scripting XSS vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...