Vulnerabilities > Adventnet
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-21 | CVE-2007-6081 | Permissions, Privileges, and Access Controls vulnerability in Adventnet Eventlog Analyzer Build4030 AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote attackers to gain privileges and modify logs. | 7.5 |
2007-07-06 | CVE-2007-3594 | Cross-Site Scripting vulnerability in Adventnet Manageengine Netflow Analyzer 6/7 Multiple cross-site scripting (XSS) vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter in (a) ping.do and (b) traceRoute.do in map/; the (2) reportName, (3) displayName, and (4) selectedNode parameters to (c) reports/ReportViewAction.do; the (5) operation parameter to (d) admin/ServiceConfiguration.do; and the (6) selectedNode and (7) selectedTab parameters to (e) admin/DeviceAssociation.do. | 2.6 |
2007-07-06 | CVE-2007-3593 | Cross-Site Scripting vulnerability in Adventnet Manageengine Netflow Analyzer 5 Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine NetFlow Analyzer 5 allow remote attackers to inject arbitrary web script or HTML via the (1) alpha parameter in (a) netflow/jspui/applicationList.jsp, the (2) task parameter in (b) netflow/jspui/appConfig.jsp, the (3) view parameter in (c) netflow/jspui/index.jsp, and the (4) rtype parameter in (d) netflow/jspui/selectDevice.jsp and (e) netflow/jspui/customReport.jsp. | 4.3 |
2006-07-25 | CVE-2006-3842 | HTML Injection vulnerability in Adventnet Zoho Virtual Office 3.2Build3210 Cross-site scripting (XSS) vulnerability in Zoho Virtual Office 3.2 Build 3210 allows remote attackers to execute arbitrary web script or HTML via an HTML message. network adventnet | 4.3 |
2006-05-12 | CVE-2006-2343 | Cross-Site Scripting vulnerability in Adventnet Manageengine Opmanager 6.0 Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine OpManager 6.0 allows remote attackers to inject arbitrary web script or HTML via the searchTerm parameter. network adventnet | 5.8 |
2005-11-06 | CVE-2005-3522 | Cross-Site Scripting vulnerability in Adventnet Manageengine Netflow Analyzer 4.0.2 Cross-site scripting (XSS) vulnerability in index.jsp in ManageEngine Netflow Analyzer 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the grDisp parameter. network adventnet | 4.3 |