6 matches found
EUVD-2014-8514
Malware in sbrugna...
CVE-2014-8678
The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to "disclose" files via a crafted filename, related to "saveFile."...
Design/Logic Flaw
The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to "disclose" files via a crafted filename, related to "saveFile."...
CVE-2014-8678
The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to "disclose" files via a crafted filename, related to "saveFile."...
CVE-2014-8678
Summary: CVE-2014-8678 affects ManageEngine OpUtils (ConfigSaveServlet) prior to build 71024. The vulnerability allows an unauthenticated remote attacker to disclose files by supplying a crafted filename, related to the saveFile handling. Root cause: improper sanitization/validation of the filena...
ManageEngine OpUtils ConfigSaveServlet saveFile Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose files on vulnerable installations of ManageEngine OpUtils. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the ConfigSaveServlet servlet. The issue lies in the failure to properly...