Filtered by vendor Manageengine
Subscribe
Total
46 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-2756 | 1 Manageengine | 1 Servicedesk Plus | 2011-07-18 | 5.0 MEDIUM | N/A |
FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 does not require authentication, which allows remote attackers to read files from a specific directory via unspecified vectors. | |||||
CVE-2010-2049 | 1 Manageengine | 1 Adaudit Plus | 2010-05-25 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in jsp/audit/reports/ExportReport.jsp in ManageEngine ADAudit Plus 4.0.0 build 4043 allows remote attackers to inject arbitrary web script or HTML via the reportList parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2009-4387 | 1 Manageengine | 2 Password Manager Pro, Password Manager Pro6.1 | 2009-12-22 | 4.3 MEDIUM | N/A |
The cross-site scripting (XSS) protection mechanism in ShowInContentAreaAction.do in ManageEngine Password Manager Pro (PMP) before 6.1 Build 6104 uses case-sensitive checks for malicious inputs, which allows remote attackers to inject arbitrary web script or HTML via the searchtext parameter and other unspecified inputs. | |||||
CVE-2007-2429 | 1 Manageengine | 1 Passwordmanager Pro | 2008-11-12 | 10.0 HIGH | N/A |
ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2008-1432 | 1 Manageengine | 1 Supportcenter Plus | 2008-09-05 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0.0 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, a related issue to CVE-2008-1299. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2008-1299 | 2 Manageengine, Microsoft | 2 Servicedesk Plus, Windows | 2008-09-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |