CVE-2025-41437
- EPSS 0.04%
- Published 09.06.2025 10:44:08
- Last modified 09.06.2025 12:15:47
Zohocorp ManageEngine OpManager, NetFlow Analyzer, Network Configuration Manager, Firewall Analyzer and OpUtils versions 128565 and below are vulnerable to Reflected XSS on the login page.
CVE-2012-4889
- EPSS 3.76%
- Published 10.09.2012 22:55:07
- Last modified 11.04.2025 00:51:21
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) subTab or (2) tab parameter to createAnomaly.do; (3) url, (4) subTab, or (5) tab param...
CVE-2012-4891
- EPSS 4.01%
- Published 10.09.2012 22:55:07
- Last modified 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in fw/index2.do in ManageEngine Firewall Analyzer 7.2 allows remote attackers to inject arbitrary web script or HTML via the url parameter, a different vector than CVE-2012-4889. NOTE: the provenance of this ...
CVE-2008-1775
- EPSS 0.21%
- Published 14.04.2008 16:05:00
- Last modified 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine Firewall Analyzer 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the displayName parameter. NOTE: the provenance of this information is unknown; the deta...
- EPSS 0.41%
- Published 24.03.2007 00:19:00
- Last modified 09.04.2025 00:30:58
Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request.