Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine eventlog analyzer 9.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-6037
Directory traversal vulnerability in the agentUpload servlet in ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 allows remote malicious users to execute arbitrary code by uploading a ZIP file which contains an executable file with .. (dot dot) sequences in i...
Zohocorp Manageengine Eventlog Analyzer 9.0
Zohocorp Manageengine Eventlog Analyzer 8.2
2 EDB exploits
NA
CVE-2014-6043
ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 does not properly restrict access to the database browser, which allows remote authenticated users to obtain access to the database via a direct request to event/runQuery.do. Fixed in Build 10000.
Zohocorp Manageengine Eventlog Analyzer 9.0
Zohocorp Manageengine Eventlog Analyzer 8.2
1 EDB exploit
NA
CVE-2014-4930
Multiple cross-site scripting (XSS) vulnerabilities in event/index2.do in ManageEngine EventLog Analyzer prior to 9.0 build 9002 allow remote malicious users to inject arbitrary web script or HTML via the (1) width, (2) height, (3) url, (4) helpP, (5) tab, (6) module, (7) complet...
Zohocorp Manageengine Eventlog Analyzer
Zohocorp Manageengine Eventlog Analyzer 7.0
NA
CVE-2014-5103
Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine EventLog Analyzer 9 build 9000 allows remote malicious users to inject arbitrary web script or HTML via the j_username parameter to event/j_security_check. Fixed in Version 10 Build 10000.
Zohocorp Manageengine Eventlog Analyzer 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started