Vulnerabilities > Manageengine
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-07-17 | CVE-2011-2755 | Path Traversal vulnerability in Manageengine Servicedesk Plus 8.0 Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote attackers to read arbitrary files via unspecified vectors. | 5.0 |
2010-05-25 | CVE-2010-2049 | Cross-Site Scripting vulnerability in Manageengine Adaudit Plus 4.0.0 Cross-site scripting (XSS) vulnerability in jsp/audit/reports/ExportReport.jsp in ManageEngine ADAudit Plus 4.0.0 build 4043 allows remote attackers to inject arbitrary web script or HTML via the reportList parameter. | 4.3 |
2010-03-23 | CVE-2010-1044 | SQL Injection vulnerability in Manageengine Oputils 5.0 SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter. | 7.5 |
2009-12-22 | CVE-2009-4387 | Cross-Site Scripting vulnerability in Manageengine Password Manager PRO and Password Manager Pro6.1 The cross-site scripting (XSS) protection mechanism in ShowInContentAreaAction.do in ManageEngine Password Manager Pro (PMP) before 6.1 Build 6104 uses case-sensitive checks for malicious inputs, which allows remote attackers to inject arbitrary web script or HTML via the searchtext parameter and other unspecified inputs. | 4.3 |
2009-11-06 | CVE-2009-3903 | Cross-Site Scripting vulnerability in Manageengine Netflow Analyzer 7.5 Multiple cross-site scripting (XSS) vulnerabilities in jspui/index.jsp in ManageEngine Netflow Analyzer 7.5 build 7500 allow remote attackers to inject arbitrary web script or HTML via the (1) view and (2) section parameters. | 4.3 |
2008-06-20 | CVE-2008-2797 | Cross-Site Scripting vulnerability in Manageengine Oputils 5.0 Cross-site scripting (XSS) vulnerability in MainLayout.do in ManageEngine OpUtils 5.0 allows remote attackers to inject arbitrary web script or HTML via the hostName parameter, when viewing an SNMP graph. | 4.3 |
2008-04-14 | CVE-2008-1775 | Cross-Site Scripting vulnerability in Manageengine Firewall Analyzer 4.0.3 Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine Firewall Analyzer 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the displayName parameter. | 3.5 |
2008-03-31 | CVE-2008-1566 | Cross-Site Scripting vulnerability in Manageengine Applications Manager 8.1/8.2 Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine Applications Manager 8.x allows remote attackers to inject arbitrary web script or HTML via the query parameter. | 4.3 |
2008-03-28 | CVE-2008-1538 | Cross-Site Scripting vulnerability in Manageengine Eventlog Analyzer 5 Cross-site scripting (XSS) vulnerability in searchAction.do in ManageEngine EventLog Analyzer 5 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. | 4.3 |
2008-03-20 | CVE-2008-1432 | Cross-Site Scripting vulnerability in Manageengine Supportcenter Plus 7.0.0 Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0.0 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, a related issue to CVE-2008-1299. | 4.3 |