CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2008-0475
https://notcve.org/view.php?id=CVE-2008-0475
29 Jan 2008 — ManageEngine Applications Manager 8.1 build 8100 allows remote attackers to obtain sensitive information ( Home->Summary) via an invalid URI, as demonstrated by the "/-" URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. ManageEngine Applications Manager 8.1 construcción 8100 permite a atacantes remotos obtener información sensible ( Home->Summary) a través de una URI no válida, como se demostró con la URI "/-". NOTA: la procedencia de est... • http://secunia.com/advisories/28332 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2008-0476
https://notcve.org/view.php?id=CVE-2008-0476
29 Jan 2008 — ManageEngine Applications Manager 8.1 build 8100 does not check authentication for monitorType.do and unspecified other pages, which allows remote attackers to obtain sensitive information and change settings via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. ManageEngine Applications Manager 8.1 construcción 8100 no valida la autenticación para monitorType.do y otras páginas no especificadas, lo cual permite a atacante... • http://secunia.com/advisories/28332 • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5891
https://notcve.org/view.php?id=CVE-2007-5891
08 Nov 2007 — Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) requestid, (2) fileid, (3) woMode, and (2) woID parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en jsp/Login.do de ManageEngien OpManager MSP Edition y OpMan... • http://osvdb.org/38437 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 2CVE-2007-2429 – ManageEngine Password Manager Pro Build 5401 - Database Remote Unauthorized Access
https://notcve.org/view.php?id=CVE-2007-2429
02 May 2007 — ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. ManageEngine PasswordManager Pro (PMP) permite a atacantes remotos obtener acceso administrativo a la base de datos inyectando cierta línea de comandos al programa mysq... • https://www.exploit-db.com/exploits/29931 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1642
https://notcve.org/view.php?id=CVE-2007-1642
24 Mar 2007 — Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request. Una vulnerabilidad no especificada en ManageEngine Firewall Analyzer permite a los usuarios autenticados remotos "access any common file" por medio de una petición de URL directa. • http://osvdb.org/34525 •