Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 up to and including 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zohocorp manageengine it360 10.3.0 |
||
zohocorp manageengine netflow analyzer 9.1 |
||
zohocorp manageengine netflow analyzer 9.5 |
||
zohocorp manageengine netflow analyzer 9.9 |
||
zohocorp manageengine netflow analyzer 10.0 |
||
zohocorp manageengine netflow analyzer 9.6 |
||
zohocorp manageengine netflow analyzer 9.7 |
||
zohocorp manageengine netflow analyzer 10.2 |
||
zohocorp manageengine netflow analyzer 9.8 |
||
zohocorp manageengine netflow analyzer 9.8.5 |
||
zohocorp manageengine netflow analyzer 8.6 |
||
zohocorp manageengine netflow analyzer 9.0 |
||
zohocorp manageengine netflow analyzer 9.8.6 |
||
zohocorp manageengine netflow analyzer 9.8.7 |