CVE-2025-41437
- EPSS 0.04%
- Published 09.06.2025 10:44:08
- Last modified 09.06.2025 12:15:47
Zohocorp ManageEngine OpManager, NetFlow Analyzer, Network Configuration Manager, Firewall Analyzer and OpUtils versions 128565 and below are vulnerable to Reflected XSS on the login page.
CVE-2014-8678
- EPSS 0.38%
- Published 25.11.2014 15:59:07
- Last modified 12.04.2025 10:46:40
The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote attackers to "disclose" files via a crafted filename, related to "saveFile."
CVE-2010-1044
- EPSS 0.35%
- Published 23.03.2010 01:00:00
- Last modified 11.04.2025 00:51:21
SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execute arbitrary SQL commands via the isHttpPort parameter.
CVE-2008-2797
- EPSS 0.3%
- Published 20.06.2008 11:48:00
- Last modified 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in MainLayout.do in ManageEngine OpUtils 5.0 allows remote attackers to inject arbitrary web script or HTML via the hostName parameter, when viewing an SNMP graph. NOTE: the provenance of this information is ...