Zohocorp Manageengine_netflow_analyzer
6 CVEs affecting Zohocorp Manageengine_netflow_analyzer. Latest disclosed: 2015-06-09. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-4418 | | 2015-06-09 | Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to o… | |
CVE-2015-2961 | | 2015-06-09 | Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to hijack the authentication of admini… | |
CVE-2015-2960 | | 2015-06-09 | Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer build 10250 and earlier allows remote attackers to inject arbitrary web script or HTML via un… | |
CVE-2015-2959 | | 2015-06-09 | Zoho NetFlow Analyzer build 10250 and earlier does not check for administrative authorization, which allows remote attackers to obtain sensitive information, m… | |
CVE-2014-5446 | | 2014-12-04 | Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers… | |
CVE-2014-5445 | | 2014-12-04 | Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authent… |