Zohocorp Manageengine_eventlog_analyzer
8 CVEs affecting Zohocorp Manageengine_eventlog_analyzer. Latest disclosed: 2017-07-27. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-11687 | Medium | 6.1 | 2017-07-27 | Multiple Persistent cross-site scripting (XSS) vulnerabilities in Event log parsing and Display functions in Zoho ManageEngine Event Log Analyzer 11.4 and 11.5… |
CVE-2017-11686 | Medium | 6.1 | 2017-07-27 | Zoho ManageEngine Event Log Analyzer 11.4 and 11.5 allows remote attackers to obtain an authenticated user's password via XSS vulnerabilities or sniffing non-S… |
CVE-2017-11685 | Medium | 6.1 | 2017-07-27 | Multiple Reflective cross-site scripting (XSS) vulnerabilities in search and display of event data in Zoho ManageEngine Event Log Analyzer 11.4 and 11.5 allow… |
CVE-2015-7387 | | 2015-09-28 | ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and earlier allows remote attackers to bypass intended restrictions and execute arbitrary SQL commands via… | |
CVE-2014-6037 | | 2014-10-26 | Directory traversal vulnerability in the agentUpload servlet in ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 allows remote attackers t… | |
CVE-2014-6043 | | 2014-09-11 | ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 does not properly restrict access to the database browser, which allows remote authentica… | |
CVE-2014-4930 | | 2014-08-29 | Multiple cross-site scripting (XSS) vulnerabilities in event/index2.do in ManageEngine EventLog Analyzer before 9.0 build 9002 allow remote attackers to inject… | |
CVE-2014-5103 | | 2014-07-25 | Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine EventLog Analyzer 9 build 9000 allows remote attackers to inject arbitrary web script or HTML via… |