Lucene search
K

31 matches found

CNVD
CNVD
added 2019/01/04 12:0 a.m.4 views

Zoho ManageEngine ADSelfService Plus XML External Entity Injection Vulnerability

ZOHO ManageEngine ADSelfService Plus is a Web-based end-user password management software from ZOHO. An XML external entity injection vulnerability exists in ZOHO ManageEngine ADSelfService Plus prior to 5.x build 5701, which can be exploited by an attacker to conduct XXE attacks via an uploaded...

9.8CVSS7.5AI score0.0805EPSS
Exploits0References1
htbridge
htbridge
added 2015/12/21 12:0 a.m.1050 views

SQL Injection in Osclass

High-Tech Bridge Security Research Lab discovered a high-risk SQL injection vulnerability in Osclass, a popular web-based software for building customized classifieds marketplace. The vulnerability can be exploited to gain access to potentially sensitive information in the application database an...

8.9AI score
Exploits0Affected Software1
0day.today
0day.today
added 2015/06/20 12:0 a.m.43 views

ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities

Exploit for multiple platform in category web applications Document Title: =============== ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities Product & Service Introduction: =============================== SupportCenter Plus is a web-based customer support software that lets...

7.1AI score
Exploits0
CNVD
CNVD
added 2015/06/09 12:0 a.m.5 views

SysAid Help Desk Arbitrary File Upload Vulnerability

SysAid Help Desk is a suite of Web-based IT management software. SysAid Help Desk fails to check file extensions, allowing remote attackers to upload and execute arbitrary files by submitting extensions containing null bytes...

6.8CVSS7.6AI score0.33791EPSS
Exploits10References1
securityvulns
securityvulns
added 2015/01/19 12:0 a.m.116 views

[The ManageOwnage Series, part XI]: Remote code execution in ServiceDesk, Asset Explorer, Support Center and IT360

Hi, This is part 11 of the ManageOwnage series. For previous parts, see 1. This time we have two remote code execution via file upload and directory traversal on several ManageEngine products - Service Desk Plus, Asset Explorer, Support Center and IT360. The first vulnerability can only be...

9CVSS0.7AI score0.78378EPSS
Exploits8
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

MS SQL Server 2000,MS Jet 4.0 Engine Unicode Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5057/info Microsoft SQL Server is prone to a remotely exploitable unicode-based buffer overflow condition. This condition occurs when the OpenDataSource function is used with MS Jet Engine. This issue may be exploited to...

7.1AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2012/03/07 12:0 a.m.23 views

Promise WebPAM v2.2.0.13 Multiple Remote Vulnerabilities

Summary WebPAM is a web based Promise Array Management Software that's easy-to use, designed to simplify RAID storage management. WebPAM is specifically designed for Promise HBA. WebPAM can configure, manage or monitor Promise RAID products remotely from a web browser from anywhere in the world...

6.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/06/02 12:0 a.m.20 views

ManageEngine ADAudit Plus Detection

ADAudit Plus, a web-based Active Directory change auditing software, was detected on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid46788; scriptversion"1.7"; scriptcvsdate"Date: 2019/11/25"; scriptnameenglish:"ManageEngine ADAudit Plus Detection";...

5.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.20 views

Debian Security Advisory DSA 980-1 (tutos)

The remote host is missing an update to tutos announced via advisory DSA 980-1. Joxean Koret discovered several security problems in tutos, a web-based team organization software. The Common Vulnerabilities and Exposures Project identifies the following problems: CVE-2004-2161 An SQL injection...

7.5CVSS0.1AI score0.04087EPSS
Exploits2
Debian
Debian
added 2006/02/22 2:40 p.m.23 views

[SECURITY] [DSA 980-1] New tutos packages fix multiple vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 980-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 22nd, 2006 http://www.debian.org/security/faq -...

7.5CVSS7.7AI score0.04087EPSS
Exploits2
securityvulns
securityvulns
added 2002/06/27 12:0 a.m.32 views

Noguska Nola 1.1.1 [ Intranet Business Management Software ]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Noguska Nola 1.1.1 Intranet Business Management Software .: Software Desciption :. - -- compied from their site -- Redefining the scope of Enterprise Software The NOLA web based software package allows your business to effortlessly reach further than...

Exploits0
Rows per page
Query Builder