Lucene search
K

5125 matches found

NVD
NVD
added 2007/07/06 6:30 p.m.17 views

CVE-2007-3593

Multiple cross-site scripting XSS vulnerabilities in ManageEngine NetFlow Analyzer 5 allow remote attackers to inject arbitrary web script or HTML via the 1 alpha parameter in a netflow/jspui/applicationList.jsp, the 2 task parameter in b netflow/jspui/appConfig.jsp, the 3 view parameter in c...

4.3CVSS5.8AI score0.04103EPSS
Exploits0References9
NVD
NVD
added 2007/07/06 6:30 p.m.13 views

CVE-2007-3594

Multiple cross-site scripting XSS vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter in a ping.do and b traceRoute.do in map/; the 2 reportName, 3 displayName, and 4 selectedNode parameters to c...

2.6CVSS5.7AI score0.05766EPSS
Exploits1References13
Prion
Prion
added 2007/07/06 6:30 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ManageEngine NetFlow Analyzer 5 allow remote attackers to inject arbitrary web script or HTML via the 1 alpha parameter in a netflow/jspui/applicationList.jsp, the 2 task parameter in b netflow/jspui/appConfig.jsp, the 3 view parameter in c...

4.3CVSS6.1AI score0.04103EPSS
Exploits0References9Affected Software1
Prion
Prion
added 2007/07/06 6:30 p.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter in a ping.do and b traceRoute.do in map/; the 2 reportName, 3 displayName, and 4 selectedNode parameters to c...

2.6CVSS5.9AI score0.05766EPSS
Exploits1References13Affected Software1
Cvelist
Cvelist
added 2007/07/06 6:0 p.m.18 views

CVE-2007-3593

Multiple cross-site scripting XSS vulnerabilities in ManageEngine NetFlow Analyzer 5 allow remote attackers to inject arbitrary web script or HTML via the 1 alpha parameter in a netflow/jspui/applicationList.jsp, the 2 task parameter in b netflow/jspui/appConfig.jsp, the 3 view parameter in c...

5.8AI score0.04103EPSS
Exploits0References9
CVE
CVE
added 2007/07/06 6:0 p.m.61 views

CVE-2007-3594

CVE-2007-3594 (OpManager) describes multiple cross-site scripting (XSS) vulnerabilities in ManageEngine OpManager 6 and 7. The issue allows remote attackers to inject arbitrary web script or HTML through several parameters across different URLs: (a) name in map/ping.do and map/traceRoute.do; (b) ...

2.6CVSS5.7AI score0.05766EPSS
Exploits1References13Affected Software1
CVE
CVE
added 2007/07/06 6:0 p.m.49 views

CVE-2007-3593

CVE-2007-3593 involves multiple cross-site scripting (XSS) vulnerabilities in ManageEngine NetFlow Analyzer 5 . The flaws allow remote attackers to inject arbitrary web script or HTML through parameters in several JSP pages: (1) alpha in netflow/jspui/applicationList.jsp, (2) task in netflow/jspu...

4.3CVSS5.8AI score0.04103EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2007/07/06 6:0 p.m.22 views

CVE-2007-3594

Multiple cross-site scripting XSS vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter in a ping.do and b traceRoute.do in map/; the 2 reportName, 3 displayName, and 4 selectedNode parameters to c...

5.7AI score0.05766EPSS
Exploits1References13
NVD
NVD
added 2007/05/02 12:19 a.m.15 views

CVE-2007-2429

ManageEngine PasswordManager Pro PMP allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown; the details are...

10CVSS6.5AI score0.08024EPSS
Exploits1References2
Prion
Prion
added 2007/05/02 12:19 a.m.12 views

Information disclosure

ManageEngine PasswordManager Pro PMP allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown; the details are...

10CVSS7.1AI score0.08024EPSS
Exploits1References2
CVE
CVE
added 2007/05/02 12:0 a.m.47 views

CVE-2007-2429

CVE-2007-2429 affects ManageEngine PasswordManager Pro (PMP). The available records indicate that remote attackers could gain administrative access to the PMP database by injecting a specific command line for the mysql client (demonstrated by -port 2345 and -u root). This description is sourced f...

10CVSS6.6AI score0.08024EPSS
Exploits1References2Affected Software1
Exploit DB
Exploit DB
added 2007/04/27 12:0 a.m.22 views

ManageEngine Password Manager Pro Build 5401 - Database Remote Unauthorized Access

source: https://www.securityfocus.com/bid/23693/info ManageEngine Password Manager Pro is prone to a remote unauthorized-access vulnerability due to a design error. An attacker may leverage this issue to gain unauthorized access to the application's database with administrative privileges...

7AI score
Exploits0
exploitpack
exploitpack
added 2007/04/27 12:0 a.m.13 views

ManageEngine Password Manager Pro Build 5401 - Database Remote Unauthorized Access

ManageEngine Password Manager Pro Build 5401 - Database Remote Unauthorized Access source: https://www.securityfocus.com/bid/23693/info ManageEngine Password Manager Pro is prone to a remote unauthorized-access vulnerability due to a design error. An attacker may leverage this issue to gain...

0.6AI score
Exploits0
seebug.org
seebug.org
added 2007/03/28 12:0 a.m.10 views

ManageEngine Firewall Analyzer任意文件信息泄露漏洞

ManageEngine Firewall Analyzer是一款防火墙分析程序。 ManageEngine Firewall Analyzer存在设计错误,远程攻击者可以利用漏洞获得敏感信息。 授权用户使用"firewall analyzer"可以访问任何系统文件,可导致获得敏感信息。 ManageEngine Firewall Analyzer 4 目前没有详细解决方案提供: http://manageengine.adventnet.com/...

7.1AI score
Exploits0
NVD
NVD
added 2007/03/24 12:19 a.m.12 views

CVE-2007-1642

Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request...

4CVSS6.2AI score0.01206EPSS
Exploits0References8
Prion
Prion
added 2007/03/24 12:19 a.m.16 views

Cross site request forgery (csrf)

Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request...

4CVSS6.6AI score0.01206EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2007/03/24 12:0 a.m.50 views

CVE-2007-1642

Technical details about CVE-2007-1642 are not publicly provided in the supplied documents. Monitor for updates from official advisories and databases before drawing conclusions about affected versions or remediation.

4CVSS6.2AI score0.01206EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2007/03/24 12:0 a.m.19 views

CVE-2007-1642

Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request...

6.2AI score0.01206EPSS
Exploits0References8
securityvulns
securityvulns
added 2007/03/24 12:0 a.m.32 views

ManageEngine Firewall Analyzer arbitrary file disclosure to authorized user

"ManageEngine Firewall Analyzer is a web based firewall monitoring and log analysis tool that collects, analyses, and reports information on enterprise-wide firewalls, proxy servers, and radius servers. " a authorized user to the "firewall analyzer" can access any common file on the system, it is...

2.8AI score
Exploits0
NVD
NVD
added 2006/05/12 5:6 p.m.22 views

CVE-2006-2343

Cross-site scripting XSS vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...

5.8CVSS5.5AI score0.0118EPSS
Exploits0References4
Rows per page
Query Builder