GCVE - cpe:2.3:a:manageengine:applications_manager:8.1_build

Approved changes feed: RSS · Atom

cpe:2.3:a:manageengine:applications_manager:8.1_build_8100:*:*:*:*:*:*:*

part: a version: 8.1_build_8100 update: *

Vendor	Manageengine (`b7eba64e-d5d7-5395-be8c-84fe138ee37e`)
Product	Applications Manager (`61b3f0cf-5771-570b-90af-8ce851915b9f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-0476`	vulnerable	2026-06-03 14:28:32.104039	Details available ManageEngine Applications Manager 8.1 build 8100 does not check authentication for monitorType.do and unspecified other pages, which allows remote attackers to obtain sensitive information and change settings via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: 2008-01-29T19:00:00.000Z Updated: 2024-08-07T07:46:54.715Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/39915 http://www.securityfocus.com/bid/27443 http://secunia.com/advisories/28332	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-0475`	vulnerable	2026-06-03 14:28:32.103746	Details available ManageEngine Applications Manager 8.1 build 8100 allows remote attackers to obtain sensitive information ( Home->Summary) via an invalid URI, as demonstrated by the "/-" URI. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: 2008-01-29T19:00:00.000Z Updated: 2024-08-07T07:46:54.843Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/27443 http://secunia.com/advisories/28332 https://exchange.xforce.ibmcloud.com/vulnerabilities/39917	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-0474`	vulnerable	2026-06-03 14:28:32.103384	Details available Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine Applications Manager 8.1 build 8100 allow remote attackers to inject arbitrary web script or HTML via the (1) showlink parameter to jsp/DiscoveryProfiles.jsp; the (2) attributeIDs, (3) attributeToSelect, (4) redirectto, and (5) resourceid parameters to (a) jsp/ThresholdActionConfiguration.jsp; the (6) page and (7) redirect parameters to (b) jsp/UpdateGlobalSettings.jsp; and the (8) haid and (9) returnpath parameters to (c) showTile.do. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: 2008-01-29T19:00:00.000Z Updated: 2024-08-07T07:46:54.868Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/27443 http://secunia.com/advisories/28332 https://exchange.xforce.ibmcloud.com/vulnerabilities/39914	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Applications Manager

PURL mappings

Vulnerability references

Contribute