CVE-2026-24443

EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the account management functionality of the Web Reports interface. The password change mechanism does not require validation of the current password before allowing a new password to be set. An attacker...

CVE-2026-24443

EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the account management functionality of the Web Reports interface. The password change mechanism does not require validation of the current password before allowing a new password to be set. An attacker...

CVE-2026-24443 EventSentry < 6.0.1.20 Web Reports Unverified Password Change

EventSentry versions prior to 6.0.1.20 contain an unverified password change vulnerability in the account management functionality of the Web Reports interface. The password change mechanism does not require validation of the current password before allowing a new password to be set. An attacker...

CVE-2026-24443

EventSentry

NETIKUS EventSentry 安全漏洞

NETIKUS EventSentry is a network monitoring software developed by the American company NETIKUS. Versions of NETIKUS EventSentry prior to 6.0.1.20 contained security vulnerabilities. These vulnerabilities stemmed from the unvalidated password change mechanism in the account management feature of t...

EUVD-2015-1322

Malware in sbrugna...

EUVD-2016-6030

Malware in sbrugna...

eventsentry.com XSS vulnerability

Open Bug Bounty ID: OBB-571583 Description| Value ---|--- Affected Website:| eventsentry.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Netikus EventSentry Cross-Site Scripting Vulnerability

Netikus EventSentry is an event log monitoring manager from NETIKUS.NET that provides real-time log analysis, memory event correlation and threat attack response. A cross-site scripting vulnerability exists in versions of Netikus EventSentry prior to 3.2.1.44. A remote attacker can exploit this...

CVE-2016-5077

Netikus EventSentry before 3.2.1.44 has XSS via SNMP...

CVE-2016-5077

Netikus EventSentry before 3.2.1.44 has XSS via SNMP...

Code injection

Netikus EventSentry before 3.2.1.44 has XSS via SNMP...

CVE-2016-5077

Netikus EventSentry is affected by a cross-site scripting (XSS) vulnerability via SNMP in versions prior to 3.2.1.44. Root cause: input processed via SNMP is reflected/processed in a way that enables script injection. Impact per CVSS: limited integrity impact, no confidentiality or availability i...

CVE-2016-5077

Netikus EventSentry before 3.2.1.44 has XSS via SNMP...

NETIKUS.NET EventSentry Cross-Site Scripting Vulnerability

NETIKUS.NET EventSentry is a set of event log management and Windows server monitoring software from NETIKUS.NET, USA. The software provides log management, network monitoring and real-time reporting. A cross-site scripting vulnerability exists in Web Reports in NETIKUS.NET EventSentry version...

CVE-2015-1180-xss-eventsentry

CVE-2015-1180-xss-eventsentry Information ---------------- Advisory by Octogence. Name: Reflected XSS Vulnerability in EventSentry Web Reports Interface Affected Software : EventSentry Affected Versions: 3.1.0 and possibly below Vendor Homepage : http://eventsentry.com/ Vulnerability Type :...

CVE-2015-1180

Cross-site scripting XSS vulnerability in the Web Reports in EventSentry 3.1.0 allows remote attackers to inject arbitrary web script or HTML via the pageId parameter to networktile/bullet...

Cross site scripting

Cross-site scripting XSS vulnerability in the Web Reports in EventSentry 3.1.0 allows remote attackers to inject arbitrary web script or HTML via the pageId parameter to networktile/bullet...

CVE-2015-1180

Cross-site scripting XSS vulnerability in the Web Reports in EventSentry 3.1.0 allows remote attackers to inject arbitrary web script or HTML via the pageId parameter to networktile/bullet...

CVE-2015-1180

EventSentry Web Reports (Web Reports) vulnerability CVE-2015-1180 affects version 3.1.0 (and possibly earlier) where the pageId parameter in the networktile/bullet endpoint is not properly filtered, enabling a reflected XSS via a crafted URL. The core issue is insufficient input sanitization for ...