Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
applications vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-2309
Unspecified vulnerability in the Health Sciences - Oracle Clinical, Remote Data Capture component in Oracle Industry Applications 4.6 and 4.6.2 allows remote malicious users to affect integrity, related to RDC Help.
Oracle Industry Applications 4.6
Oracle Industry Applications 4.6.2
7.5
CVSSv2
CVE-2016-9488
ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from remote SQL injection vulnerabilities. An unauthenticated attacker is able to access the URL /servlet/MenuHandlerServlet, which is vulnerable to SQL injection. The attacker could extract users'...
Manageengine Applications Manager 12.0
Manageengine Applications Manager 13.0
4.3
CVSSv2
CVE-2008-1566
Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine Applications Manager 8.x allows remote malicious users to inject arbitrary web script or HTML via the query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from t...
Manageengine Applications Manager 8.1
Manageengine Applications Manager 8.2
4
CVSSv2
CVE-2012-1763
Unspecified vulnerability in the Oracle Clinical/Remote Data Capture component in Oracle Industry Applications 4.6.0 and 4.6.2 allows remote authenticated users to affect confidentiality, related to HTML Surround.
Oracle Industry Applications 4.6.0
Oracle Industry Applications 4.6.2
4.3
CVSSv2
CVE-2016-9490
ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from a Reflected Cross-Site Scripting vulnerability. Applications Manager is prone to a Cross-Site Scripting vulnerability in parameter LIMIT, in URL path /DiagAlertAction.do?REQTYPE=AJAX&LIMIT=123...
Manageengine Applications Manager 13.0
Manageengine Applications Manager 12.0
5.5
CVSSv2
CVE-2013-1520
Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0 and 4.6.6 allows remote authenticated users to affect confidentiality and integrity via vectors related to HTML Surround.
Oracle Industry Applications 4.6.0
Oracle Industry Applications 4.6.6
4.3
CVSSv2
CVE-2015-4793
Unspecified vulnerability in the Oracle Communications Convergence component in Oracle Communications Applications 2.0 and 3.0.1 allows remote malicious users to affect confidentiality via unknown vectors related to Mail Proxy.
Oracle Communications Applications 3.0.1
Oracle Communications Applications 2.0
4.3
CVSSv2
CVE-2011-2323
Unspecified vulnerability in the Health Sciences - Oracle Thesaurus Management System component in Oracle Industry Applications 4.6.1 and 4.6.2 allows remote malicious users to affect integrity, related to TMS Help.
Oracle Industry Applications 4.6.1
Oracle Industry Applications 4.6.2
7.5
CVSSv2
CVE-2020-24743
An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows malicious users to gain escalated privileges via the resourceid parameter.
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 14.5
NA
CVE-2023-29442
Zoho ManageEngine Applications Manager prior to 16400 allows proxy.html DOM XSS.
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 16.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »