4 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in EmployeeSearch.cc in ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 allow remote attackers to inject arbitrary web script or HTML via the 1 searchType and 2 searchString parameters, a different vulnerability than CVE-2010-3274...
CVE-2010-3274
Affected product/version: ManageEngine ADSelfService Plus (Zoho) prior to 4.5 Build 4500. Vulnerability type: Cross‑site scripting (XSS) in EmployeeSearch.cc, affecting the search functionality; exploits reflect user input back to the page. Impact/reason: Remote attackers can inject arbitrary scr...
CORE-2011-0103 - ZOHO ManageEngine ADSelfService multiple vulnerabilities
Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ ZOHO ManageEngine ADSelfService multiple vulnerabilities 1. Advisory Information Title: ZOHO ManageEngine ADSelfService multiple vulnerabilities Advisory ID: CORE-2011-0103 Advisory URL:...
ZOHO ManageEngine ADSelfService multiple vulnerabilities
Core Security Technologies - Corelabs Advisory ZOHO ManageEngine ADSelfService multiple vulnerabilities 1. Advisory Information Title: ZOHO ManageEngine ADSelfService multiple vulnerabilities Advisory ID: CORE-2011-0103 Advisory URL:...