RSS   Vulnerabilities for 'Manageengine opstor'   RSS

2014-03-29
 
CVE-2014-2670

 

 
Cross-site scripting (XSS) vulnerability in Properties.do in ZOHO ManageEngine OpStor before build 8500 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter, a different vulnerability than CVE-2014-0344.

 
 
CVE-2014-0344

 

 
Properties.do in ZOHO ManageEngine OpStor before build 8500 does not properly check privilege levels, which allows remote authenticated users to obtain Admin access by using the name parameter in conjunction with a true value of the edit parameter.

 

 >>> Vendor: Zohocorp 47 Products
Manageengine netflow analyzer
Manageengine opmanager
Firewall analyzer
Opmanager
Servicedesk plus
Oputils
Webnms
Password manager pro
Manageengine adselfservice plus
Manageengine admanager plus
Manageengine assetexplorer
Manageengine opstor
Manageengine eventlog analyzer
Network configuration manager
Manageengine desktop central
Manageengine it360
Manageengine it plus
Manageengine social it plus
Manageengine supportcenter plus
Manageengine password manager pro
Webnms framework
Manageengine firewall analyzer
Site24x7 mobile network poller
Manageengine applications manager
Manageengine recovery manager plus
Manageengine servicedesk plus
Manageengine analytics plus
Manageengine browser security plus
Manageengine firewall
Manageengine key manager plus
Manageengine mobile device manager plus
Manageengine network configuration manager
Manageengine o365 manager plus
Manageengine oputils
Manageengine patch connect plus
Manageengine patch manager plus
Manageengine vulnerability manager plus
Manageengine desktop central managed service providers
Manageengine remote access plus
Manageengine adaudit plus
Manageengine datasecurity plus
Manageengine applications control plus
Manageengine servicedesk plus msp
Manageengine log360
Manageengine cloud security plus
Manageengine m365 manager plus
Manageengine sharepoint manager plus


Copyright 2024, cxsecurity.com

 

Back to Top