Vulnerabilities > Manageengine > Applications Manager > 8.1.build.8100
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-01-29 | CVE-2008-0476 | Improper Authentication vulnerability in Manageengine Applications Manager 8.1Build8100 ManageEngine Applications Manager 8.1 build 8100 does not check authentication for monitorType.do and unspecified other pages, which allows remote attackers to obtain sensitive information and change settings via unspecified vectors. | 6.4 |
2008-01-29 | CVE-2008-0475 | Improper Input Validation vulnerability in Manageengine Applications Manager 8.1Build8100 ManageEngine Applications Manager 8.1 build 8100 allows remote attackers to obtain sensitive information ( Home->Summary) via an invalid URI, as demonstrated by the "/-" URI. | 5.0 |
2008-01-29 | CVE-2008-0474 | Cross-Site Scripting vulnerability in Manageengine Applications Manager 8.1Build8100 Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager 8.1 build 8100 allow remote attackers to inject arbitrary web script or HTML via the (1) showlink parameter to jsp/DiscoveryProfiles.jsp; the (2) attributeIDs, (3) attributeToSelect, (4) redirectto, and (5) resourceid parameters to (a) jsp/ThresholdActionConfiguration.jsp; the (6) page and (7) redirect parameters to (b) jsp/UpdateGlobalSettings.jsp; and the (8) haid and (9) returnpath parameters to (c) showTile.do. | 4.3 |