Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ManageengineOputils

3 matches found

CVE
CVEadded 2008/06/20 10:0 a.m.46 views

CVE-2008-2797

The CVE-2008-2797 entry describes a Cross-site Scripting (XSS) vulnerability in ManageEngine OpUtils 5.0, specifically in MainLayout.do where the hostName parameter is used when viewing an SNMP graph. The underlying issue is unsanitized input in the hostName parameter that allows an attacker to i...

4.3CVSS5.6AI score0.00296EPSS
CVE
CVEadded 2010/03/22 6:17 p.m.46 views

CVE-2010-1044

CVE-2010-1044 describes a SQL injection vulnerability in the ManageEngine OpUtils 5.0 login path. Specifically, the vulnerable point is the Login.do handling of the isHttpPort parameter, which can be manipulated by an attacker to alter or append SQL commands. The result is remote execution of arb...

7.5CVSS8.7AI score0.00139EPSS
CVE
CVEadded 2014/11/25 3:0 p.m.46 views

CVE-2014-8678

Summary: CVE-2014-8678 affects ManageEngine OpUtils (ConfigSaveServlet) prior to build 71024. The vulnerability allows an unauthenticated remote attacker to disclose files by supplying a crafted filename, related to the saveFile handling. Root cause: improper sanitization/validation of the filena...

7.8CVSS6.8AI score0.00377EPSS