Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2014-0344
- EPSS 1.19%
- Published 29.03.2014 20:55:04
- Last modified 12.04.2025 10:46:40
Properties.do in ZOHO ManageEngine OpStor before build 8500 does not properly check privilege levels, which allows remote authenticated users to obtain Admin access by using the name parameter in conjunction with a true value of the edit parameter.
3.5
CVE-2014-2670
- EPSS 0.58%
- Published 29.03.2014 20:55:04
- Last modified 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in Properties.do in ZOHO ManageEngine OpStor before build 8500 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter, a different vulnerability than CVE-2014-0344.
1