Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine netflow analyzer vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-12997
Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows malicious u...
Zohocorp Manageengine Netflow Analyzer -
Zohocorp Firewall Analyzer -
Zohocorp Manageengine Opmanager -
Zohocorp Manageengine Oputils -
Zohocorp Manageengine Network Configuration Manager -
6.1
CVSSv3
CVE-2018-10803
Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 prior to 12.3.125 (build 123125) allows remote malicious users to inject arbitrary web script or HTML via a crafted description value. This can be exploited t...
Zohocorp Manageengine Netflow Analyzer
NA
CVE-2015-4418
Zoho NetFlow Analyzer build 10250 and previous versions does not have an off autocomplete attribute for a password field, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Zohocorp Manageengine Netflow Analyzer -
NA
CVE-2015-2961
Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and previous versions allows remote malicious users to hijack the authentication of administrators.
Zohocorp Manageengine Netflow Analyzer -
NA
CVE-2015-2959
Zoho NetFlow Analyzer build 10250 and previous versions does not check for administrative authorization, which allows remote malicious users to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role.
Zohocorp Manageengine Netflow Analyzer -
NA
CVE-2015-2960
Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer build 10250 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Zohocorp Manageengine Netflow Analyzer -
NA
CVE-2014-5446
Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 up to and including 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.
Zohocorp Manageengine It360 10.3.0
Zohocorp Manageengine Netflow Analyzer 9.1
Zohocorp Manageengine Netflow Analyzer 9.5
Zohocorp Manageengine Netflow Analyzer 9.9
Zohocorp Manageengine Netflow Analyzer 10.0
Zohocorp Manageengine Netflow Analyzer 9.6
Zohocorp Manageengine Netflow Analyzer 9.7
Zohocorp Manageengine Netflow Analyzer 10.2
Zohocorp Manageengine Netflow Analyzer 9.8
Zohocorp Manageengine Netflow Analyzer 9.8.5
Zohocorp Manageengine Netflow Analyzer 8.6
Zohocorp Manageengine Netflow Analyzer 9.0
Zohocorp Manageengine Netflow Analyzer 9.8.6
Zohocorp Manageengine Netflow Analyzer 9.8.7
1 EDB exploit
NA
CVE-2014-5445
Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 up to and including 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via a full pathname in the schFilePath parameter to the (1) CSVServlet o...
Zohocorp Manageengine It360 10.3.0
Zohocorp Manageengine Netflow Analyzer
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3