CVE-2025-3651 Command Injection in iManage Work Desktop for Mac's Agent Service

Improper Verification of Source of a Communication Channel in Work Desktop for Mac versions 10.8.1.46 and earlier allows attackers to execute arbitrary commands via unauthorized access to the Agent service. This has been remediated in Work Desktop for Mac version 10.8.2.33...

CVE-2025-3651

CVE-2025-3651 concerns iManage Work Desktop for Mac. Affected: Work Desktop for Mac versions 10.8.1.46 and earlier. Root cause: improper verification of the source of a communication channel in the Agent service, enabling arbitrary command execution via unauthorized access. Impact: attacker can r...

CVE-2025-3651 Command Injection in iManage Work Desktop for Mac's Agent Service

Improper Verification of Source of a Communication Channel in Work Desktop for Mac versions 10.8.1.46 and earlier allows attackers to execute arbitrary commands via unauthorized access to the Agent service. This has been remediated in Work Desktop for Mac version 10.8.2.33...

iManage Work Desktop for Mac 安全漏洞

iManage Work Desktop for Mac is an application from iManage, Inc. A security vulnerability exists in iManage Work Desktop for Mac versions 10.8.1.46 and earlier, which stems from improper authentication of the source of a communication channel and could result in the execution of arbitrary comman...

CVE-2024-3485

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure...

SUSE CVE-2013-1088

Cross-site request forgery CSRF vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container...

SUSE CVE-2017-7432

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability...

CVE-2018-1347

The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting...

CVE-2017-7428

NetIQ iManager 3.x before 3.0.3.1 has an issue in the renegotiation of connection parameters with Tomcat...

CVE-2017-7431

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management...

CVE-2017-7432

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability...

CVE-2017-5186

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 9.0.2.2 use the deprecated MD5 hashing algorithm in a communications certificate...

NetIQ Access Manager Remote Code Execution Vulnerability

NetIQ Access Manager provides a simple, secure, and scalable solution to handle all your Web access needs. A remote code execution vulnerability exists in NetIQ Access Manager. The vulnerability is caused due to the iManager Certificate Server Management module allowing administrators to create...

CVE-2016-5757

iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials...

iManage CMS <= 4.0.12 (absolute_path) Remote File Inclusion

No description provided by source...

CVE-2006-3771

Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter to 1 articles.php, 2 contact.php, 3 displaypage.php, 4 faq.php, 5 mainbody.php, 6 news.php, 7...

Echo Security Advisory 2006.40

ECHO.OR.ID ECHOADV40$2006 --------------------------------------------------------------------------------------------------- ECHOADV40$2006 iManage CMS = 4.0.12 absolutepath Remote File Inclusion ---------------------------------------------------------------------------------------------------...

EUVD-2006-3765

Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter to 1 articles.php, 2 contact.php, 3 displaypage.php, 4 faq.php, 5 mainbody.php, 6 news.php, 7...

CVE-2006-3771

Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter to 1 articles.php, 2 contact.php, 3 displaypage.php, 4 faq.php, 5 mainbody.php, 6 news.php, 7...

CVE-2006-3771

The CVE-2006-3771 entries describe multiple PHP remote file inclusion vulnerabilities in iManage CMS 4.0.12 and earlier, exploitable via a URL in the absolute_path parameter to a long list of PHP files (articles.php, contact.php, displaypage.php, etc.) within component.php. The underlying issue i...