Max CVSS 7.5 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2016-6602 5.0
ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combin
09-10-2018 - 20:00 23-01-2017 - 21:59
CVE-2016-6603 5.0
ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header.
09-10-2018 - 20:00 23-01-2017 - 21:59
CVE-2016-6601 5.0
Directory traversal vulnerability in the file download functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to read arbitrary files via a .. (dot dot) in the fileName parameter to servlets/FetchFile.
09-10-2018 - 20:00 23-01-2017 - 21:59
CVE-2016-6600 7.5
Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbitrary JSP files via a .. (dot dot) in the fileName parameter to servlets/FileUploadServlet.
09-10-2018 - 20:00 23-01-2017 - 21:59
Back to Top Mark selected
Back to Top