Netgain-systems

Enterprise Manager

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2018-10587

  • EPSS 3.28%
  • Veröffentlicht 01.11.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:36

NetGain Enterprise Manager (EM) is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code execution.

4.8

CVE-2018-10586

  • EPSS 0.52%
  • Veröffentlicht 01.11.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:36

NetGain Enterprise Manager (EM) is affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities in versions before 10.1.12.

9.8

CVE-2017-17407

  • EPSS 3.93%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:17:52

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager v7.2.699 build 1001. Authentication is not required to exploit this vulnerability. The specific flaw exists within ...

9.8

CVE-2017-17406

  • EPSS 4.58%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:17:52

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within an exposed RMI registry, whi...

9.8

CVE-2017-16610

  • EPSS 4.94%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within upload_save_do.jsp. The issu...

7.5

CVE-2017-16609

  • EPSS 2.91%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within download.jsp. The is...

9.8

CVE-2017-16608

  • EPSS 4.31%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within exec.jsp. The issue results ...

7.5

CVE-2017-16607

  • EPSS 2.9%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within heapdumps.jsp. The i...

8.8

CVE-2017-16606

  • EPSS 4.2%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existi...

6.5

CVE-2017-16605

  • EPSS 2.48%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authenticati...