Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:8 a.m.8 views

CVE-2019-19774

An issue was discovered in Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. By running "select hostdetails from hostdetails" at the /event/runquery.do endpoint, it is possible to bypass the security restrictions that prevent even administrative users from viewing credential data...

8.8CVSS6.8AI score0.12517EPSS
Exploits5References1
Packet Storm
Packet Storm
added 2020/02/24 12:0 a.m.251 views

ManageEngine EventLog Analyzer 10.0 Information Disclosure

Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Date: 2020-02-23 Author:Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774 Vulnerability Name: Authenticated Information Disclosure in...

4CVSS8.8AI score0.12517EPSS
Exploits5
0day.today
0day.today
added 2020/02/24 12:0 a.m.107 views

ManageEngine EventLog Analyzer 10.0 - Information Disclosure Vulnerability

Exploit for java platform in category web applications Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Author: Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774 Vulnerability Name:...

4CVSS8.7AI score0.12517EPSS
Exploits5
CVE
CVE
added 2019/12/13 6:0 p.m.90 views

CVE-2019-19774

CVE-2019-19774 affects Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. An authenticated user can bypass access controls via the /event/runquery.do endpoint by executing the query select hostdetails from hostdetails, bypassing restrictions that prevent viewing credential data and ...

8.8CVSS8.7AI score0.12517EPSS
Exploits5References3Affected Software1
Rows per page
Query Builder