Information Disclosure in ManageEngine Applications Manager by Zoho Corporation
CVE-2008-0475

Currently unrated

Key Information:

Vendor: Manageengine
Status: Applications Manager
Vendor: CVE Published:; 29 January 2008

Summary

ManageEngine Applications Manager version 8.1 build 8100 is susceptible to an information disclosure vulnerability. Attackers can exploit this flaw by sending an invalid URI request, such as '/-', resulting in the unauthorized exposure of sensitive information present in the application's summary view. This vulnerability highlights the potential risk surrounding improper validation of user inputs and underscores the need for robust security measures in web applications.

References

http://www.securityfocus.com/bid/27443

vdb-entryx_refsource_BID

http://secunia.com/advisories/28332

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/39917

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 29, 2008
Vulnerability Reserved
Jan 29, 2008