Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/22 10:8 a.m.7 views

CVE-2019-19774

An issue was discovered in Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. By running "select hostdetails from hostdetails" at the /event/runquery.do endpoint, it is possible to bypass the security restrictions that prevent even administrative users from viewing credential data...

8.8CVSS6.8AI score0.12517EPSS
Exploits5References1
packetstorm
packetstorm
added 2020/02/24 12:0 a.m.250 views

ManageEngine EventLog Analyzer 10.0 Information Disclosure

Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Date: 2020-02-23 Author:Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774 Vulnerability Name: Authenticated Information Disclosure in...

4CVSS8.8AI score0.12517EPSS
Exploits5
zdt
zdt
added 2020/02/24 12:0 a.m.107 views

ManageEngine EventLog Analyzer 10.0 - Information Disclosure Vulnerability

Exploit for java platform in category web applications Exploit Title: ManageEngine EventLog Analyzer 10.0 - Information Disclosure Author: Scott Goodwin Vendor: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/eventlog/ CVE: CVE-2019-19774 Vulnerability Name:...

4CVSS8.7AI score0.12517EPSS
Exploits5
cve
cve
added 2019/12/13 6:0 p.m.88 views

CVE-2019-19774

CVE-2019-19774 affects Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. An authenticated user can bypass access controls via the /event/runquery.do endpoint by executing the query select hostdetails from hostdetails, bypassing restrictions that prevent viewing credential data and ...

8.8CVSS8.7AI score0.12517EPSS
Exploits5References3Affected Software1
Rows per page
Query Builder