3 matches found
CVE-2010-4840
CVE-2010-4840 affects ManageEngine EventLog Analyzer 6.1 where the Syslog server component (SysEvttCol.exe) contains multiple buffer overflows that can be triggered by a long Syslog PRI header sent to UDP ports 513 or 514. Successful exploitation may cause a denial-of-service (process crash) and ...
CVE-2010-4841
CVE-2010-4841 affects ManageEngine EventLog Analyzer 6.1. The issue comprises multiple cross-site scripting (XSS) vulnerabilities exploitable via HTTP parameters (HOST_ID, OS, GROUP, exportFile, load, type, tab on INDEX.do; reported on INDEX2.do; gId on hostlist.do; newWindow on globalSettings.do...
CVE-2008-1538
The CVE-2008-1538 entry describes a Cross-site scripting (XSS) vulnerability in ManageEngine EventLog Analyzer 5, exploitable through the searchAction.do endpoint via the searchText parameter. The root cause is inadequate sanitization/validation of user-supplied searchText, allowing remote attack...