35 matches found
EUVD-2009-3874
Malware in sbrugna...
EUVD-2019-16969
Malware in sbrugna...
EUVD-2019-16967
Malware in sbrugna...
ManageEngine NetFlow Analyzer 12.5.x < 12.5.657 / 12.6.x < 12.6.002 / 12.6.104 / 12.6.118 Authenticate Bypass
The version of ManageEngine NetFlow Analyzer running on the remote web server 12.5.x prior to 12.5.657, or 12.6.x prior to 12.6.002 / 12.6.104 / 12.6.118. It is, there, affected by an authentication bypass vulnerability. Due to the lack of proper request handling an unauthenticated, remote attack...
ManageEngine NetFlow Analyzer getDNSResolveOption Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ManageEngine NetFlow Analyzer. Authentication is required to exploit this vulnerability. The specific flaw exists within the getDNSResolveOption function. The issue results from the lack of proper...
PT-2022-23689
Name of the Vulnerable Software and Affected Versions Zoho ManageEngine OpManager versions before 2022-07-27 through 2022-07-28 Zoho ManageEngine OpManager Plus versions before 2022-07-27 through 2022-07-28 Zoho ManageEngine OpManager MSP versions before 2022-07-27 through 2022-07-28 Zoho...
CVE-2019-8926
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource...
Path traversal
An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet via the parameter schFilePath, allows remote authenticated users to bypass intended SecurityManager...
CVE-2019-7426
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the groupDesc, groupName, groupID, or task parameter...
CVE-2019-7427
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter...
CVE-2019-7425
XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter...
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal / Cross-Site Scripting
Exploit for jsp platform in category web applications !-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manageengine.com/products/netflow/?doc...
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal Cross-Site Scripting
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal Cross-Site Scripting !-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manage...
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 Traversal / XSS
!-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manageengine.com/products/netflow/?doc Softwa...
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal / Cross-Site Scripting
!-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manageengine.com/products/netflow/?doc Software Link: https://www.ma...
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 XSS
!-- Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone Date: 31-01-2019 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.manageengine.com/products/netflow/?doc Software Link:...
Multiple ZOHO Products Cross-Site Scripting Vulnerabilities
ZOHO ManageEngine Netflow Analyzer is a web-based bandwidth monitoring tool, and Network Configuration Manager is a suite of network configuration management, network change and configuration management NCCM software for configuring switches, routers, firewalls and other network devices. Network...
CVE-2018-10803
Cross-site scripting XSS vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 build 123125 allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF...
Cross site scripting
Cross-site scripting XSS vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 build 123125 allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF...
CVE-2018-10803
Cross-site scripting XSS vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 build 123125 allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF...