Web App Vulnerabilities

1. Introduction The ManageEngine ADAudit Plus ‘reportList’ parameter is vulnerable to a cross-site scripting (XSS) attack. This allows an attacker...

1. Introduction ManageEngine ADManager Plus has a cross-site scripting vulnerability in the ‘computerName’ parameter. This allows an attacker to inject...

1. Introduction ManageEngine ADManager Plus is an Active Directory management web application running on remote hosts. It allows administrators to...

1. Introduction ManageEngine ADSelfService Plus uses default administrative credentials (‘admin’ / ‘admin’) to protect access to its management interface. This...

1. Introduction ManageEngine ADSelfService Plus is a help desk management application used for self-service password resets and account administration. A...

1. Introduction The vulnerability ManageEngine Applications Manager Default Administrator Credentials allows an attacker to gain administrative access to a web...

1. Introduction The remote web server is running a server and application performance monitoring software product, ManageEngine Applications Manager Detection....

1. Introduction ManageEngine Desktop Central uses default administrative credentials, creating a security risk. This means an attacker could gain full...

1. Introduction ManageEngine DeviceExpert uses default administrative credentials, allowing unauthorized access to its web application interface. This vulnerability poses a...

1. Introduction ManageEngine DeviceExpert is a web-based network device configuration management application. A vulnerability exists that could allow an attacker...