603 matches found
CVE-2007-5891
Multiple cross-site scripting XSS vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote attackers to inject arbitrary web script or HTML via the 1 requestid, 2 fileid, 3 woMode, and 2 woID parameters. NOTE: the provenance of this information is...
CVE-2007-5891
ManageEngine OpManager MSP Edition and OpManager 7.0 are affected by multiple XSS vulnerabilities in jsp/Login.do, exploitable via the requestid, fileid, woMode, and woID parameters. The root cause is inadequate input sanitization in the Login.do script, allowing an unauthenticated, remote attack...
ManageEngine OpManager Login.do Multiple Parameter XSS
The remote host is running ManageEngine OpManager, a web-based network management application. The version of ManageEngine OpManager installed on the remote host fails to sanitize user input to the 'requestid' parameter of the 'jsp/Login.do' script before using it to generate dynamic content. An...
netflow-xss.txt
NetFlow Analizer 5 & OpManager 7 multiple XSS vendor url:http://www.adventnet.com/ advisore:http://lostmon.blogspot.com/2007/07/ netflow-analizer-5-opmanager-7-multiple.html vendor notify:yes exploits include:yes NetFlow Analizer and OpManager contains a flaw that allows a remote cross site...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter in a ping.do and b traceRoute.do in map/; the 2 reportName, 3 displayName, and 4 selectedNode parameters to c...
CVE-2007-3594
Multiple cross-site scripting XSS vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter in a ping.do and b traceRoute.do in map/; the 2 reportName, 3 displayName, and 4 selectedNode parameters to c...
CVE-2007-3594
Multiple cross-site scripting XSS vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote attackers to inject arbitrary web script or HTML via the 1 name parameter in a ping.do and b traceRoute.do in map/; the 2 reportName, 3 displayName, and 4 selectedNode parameters to c...
CVE-2007-3594
CVE-2007-3594 (OpManager) describes multiple cross-site scripting (XSS) vulnerabilities in ManageEngine OpManager 6 and 7. The issue allows remote attackers to inject arbitrary web script or HTML through several parameters across different URLs: (a) name in map/ping.do and map/traceRoute.do; (b) ...
OpManager 67 - adminServiceConfiguration.do?Operation Cross-Site Scripting
OpManager 67 - adminServiceConfiguration.do?Operation Cross-Site Scripting source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...
OpManager 67 - reportsReportViewAction.do Multiple Cross-Site Scripting Vulnerabilities
OpManager 67 - reportsReportViewAction.do Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage thes...
OpManager 67 - ping.do?name Cross-Site Scripting
OpManager 67 - ping.do?name Cross-Site Scripting source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script co...
OpManager 67 - adminDeviceAssociation.do Multiple Cross-Site Scripting Vulnerabilities
OpManager 67 - adminDeviceAssociation.do Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...
OpManager 67 - traceRoute.do?name Cross-Site Scripting
OpManager 67 - traceRoute.do?name Cross-Site Scripting source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary...
OpManager 6/7 - 'admin/ServiceConfiguration.do?Operation' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
OpManager 6/7 - 'ping.do?name' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
OpManager 6/7 - '/admin/DeviceAssociation.do' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
OpManager 6/7 - reports/ReportViewAction.do Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
OpManager 6/7 - 'traceRoute.do?name' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24767/info OpManager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
CVE-2006-2343
Cross-site scripting XSS vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...