Published: 29/01/2008 Updated: 08/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager 8.1 build 8100 allow remote malicious users to inject arbitrary web script or HTML via the (1) showlink parameter to jsp/DiscoveryProfiles.jsp; the (2) attributeIDs, (3) attributeToSelect, (4) redirectto, and (5) resourceid parameters to (a) jsp/ThresholdActionConfiguration.jsp; the (6) page and (7) redirect parameters to (b) jsp/UpdateGlobalSettings.jsp; and the (8) haid and (9) returnpath parameters to (c) showTile.do. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
manageengine applications manager 8.1_build_8100

Title: ====== ME Application Manager 10 - Multiple Web Vulnerabilities Date: ===== 2012-07-04 References: =========== wwwvulnerability-labcom/get_contentphp?id=627 VL-ID: ===== 627 Common Vulnerability Scoring System: ==================================== 72 Introduction: ============= ManageEngine Applications Manager is a serv ...

CWE-79 http://www.securityfocus.com/bid/27443 http://secunia.com/advisories/28332 https://exchange.xforce.ibmcloud.com/vulnerabilities/39914 https://nvd.nist.gov https://www.exploit-db.com/exploits/20171/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-0474

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect