Netgain-systems

Enterprise Manager

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9

CVE-2018-10587

  • EPSS 2.11%
  • Veröffentlicht 01.11.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:36

NetGain Enterprise Manager (EM) is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code execution.

4.8

CVE-2018-10586

  • EPSS 0.21%
  • Veröffentlicht 01.11.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:36

NetGain Enterprise Manager (EM) is affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities in versions before 10.1.12.

9.8

CVE-2017-17407

  • EPSS 6.41%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:17:52

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager v7.2.699 build 1001. Authentication is not required to exploit this vulnerability. The specific flaw exists within ...

9.8

CVE-2017-17406

  • EPSS 30.39%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:17:52

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within an exposed RMI registry, whi...

9.8

CVE-2017-16610

  • EPSS 31.25%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within upload_save_do.jsp. The issu...

7.5

CVE-2017-16609

  • EPSS 2.53%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within download.jsp. The is...

9.8

CVE-2017-16608

  • EPSS 13.5%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within exec.jsp. The issue results ...

7.5

CVE-2017-16607

  • EPSS 1.86%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within heapdumps.jsp. The i...

8.8

CVE-2017-16606

  • EPSS 42.98%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existi...

6.5

CVE-2017-16605

  • EPSS 1.73%
  • Veröffentlicht 23.01.2018 01:29:01
  • Zuletzt bearbeitet 21.11.2024 03:16:41

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authenticati...