Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
applications vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2008-1566
Cross-site scripting (XSS) vulnerability in Search.do in ManageEngine Applications Manager 8.x allows remote malicious users to inject arbitrary web script or HTML via the query parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from t...
Manageengine Applications Manager 8.1
Manageengine Applications Manager 8.2
7.5
CVSSv2
CVE-2016-9488
ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from remote SQL injection vulnerabilities. An unauthenticated attacker is able to access the URL /servlet/MenuHandlerServlet, which is vulnerable to SQL injection. The attacker could extract users'...
Manageengine Applications Manager 12.0
Manageengine Applications Manager 13.0
5.5
CVSSv2
CVE-2013-1520
Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0 and 4.6.6 allows remote authenticated users to affect confidentiality and integrity via vectors related to HTML Surround.
Oracle Industry Applications 4.6.0
Oracle Industry Applications 4.6.6
4.3
CVSSv2
CVE-2011-2309
Unspecified vulnerability in the Health Sciences - Oracle Clinical, Remote Data Capture component in Oracle Industry Applications 4.6 and 4.6.2 allows remote malicious users to affect integrity, related to RDC Help.
Oracle Industry Applications 4.6
Oracle Industry Applications 4.6.2
4.3
CVSSv2
CVE-2011-2323
Unspecified vulnerability in the Health Sciences - Oracle Thesaurus Management System component in Oracle Industry Applications 4.6.1 and 4.6.2 allows remote malicious users to affect integrity, related to TMS Help.
Oracle Industry Applications 4.6.1
Oracle Industry Applications 4.6.2
4.3
CVSSv2
CVE-2015-4793
Unspecified vulnerability in the Oracle Communications Convergence component in Oracle Communications Applications 2.0 and 3.0.1 allows remote malicious users to affect confidentiality via unknown vectors related to Mail Proxy.
Oracle Communications Applications 3.0.1
Oracle Communications Applications 2.0
4.3
CVSSv2
CVE-2016-9490
ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from a Reflected Cross-Site Scripting vulnerability. Applications Manager is prone to a Cross-Site Scripting vulnerability in parameter LIMIT, in URL path /DiagAlertAction.do?REQTYPE=AJAX&LIMIT=123...
Manageengine Applications Manager 13.0
Manageengine Applications Manager 12.0
4
CVSSv2
CVE-2012-1763
Unspecified vulnerability in the Oracle Clinical/Remote Data Capture component in Oracle Industry Applications 4.6.0 and 4.6.2 allows remote authenticated users to affect confidentiality, related to HTML Surround.
Oracle Industry Applications 4.6.0
Oracle Industry Applications 4.6.2
NA
CVE-2023-29442
Zoho ManageEngine Applications Manager prior to 16400 allows proxy.html DOM XSS.
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 16.3
6.5
CVSSv2
CVE-2020-14008
Zoho ManageEngine Applications Manager 14710 and before allows an authenticated admin user to upload a vulnerable jar in a specific location, which leads to remote code execution.
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 14.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »