cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2021-38116,https://securityvulnerability.io/vulnerability/CVE-2021-38116,Potential Privilege Escalation Vulnerability in iManager,"An elevation of privilege vulnerability has been identified in the OpenText iManager, affecting all versions prior to 3.2.5. This flaw allows an attacker to gain unauthorized access and control over system resources. Implementing the latest security updates is crucial to mitigate potential risks associated with this vulnerability and protect sensitive information from unauthorized modifications.",Opentext,Imanager,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-22T15:34:43.211Z,0 CVE-2021-38117,https://securityvulnerability.io/vulnerability/CVE-2021-38117,Potential Command Injection Vulnerability Discovered in OpenText iManager,"A command injection vulnerability has been identified in OpenText™ iManager 3.2.4.0000, which could allow an attacker to execute arbitrary commands on the system. This could lead to unauthorized control over the application, enabling further attacks or data breaches. It is crucial to address this vulnerability to ensure the integrity and security of the affected systems.",Opentext,Imanager,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-22T15:34:41.566Z,0 CVE-2021-38118,https://securityvulnerability.io/vulnerability/CVE-2021-38118,Possible Improper Input Validation Vulnerability Discovered in OpenText iManager 3.2.4.0000,"An improper input validation vulnerability has been identified in OpenText™ iManager version 3.2.4.0000. This issue may allow malicious actors to exploit the system by providing unexpected or harmful input, potentially leading to unauthorized access, data manipulation, or compromise. Users of the affected version are advised to assess their security posture and implement necessary updates to mitigate any risks associated with this vulnerability.",Opentext,Imanager,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-11-22T15:34:40.183Z,0 CVE-2021-38119,https://securityvulnerability.io/vulnerability/CVE-2021-38119,Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager,"A reflected cross-site scripting vulnerability has been identified in OpenText™ iManager version 3.2.4.0000. This vulnerability allows attackers to inject malicious scripts into the application, which could be executed in the context of a user's browser. As a result, users may inadvertently execute harmful scripts that could compromise their session or extract sensitive information. Organizations using OpenText™ iManager are advised to review their security posture and implement appropriate safeguards to mitigate the risk associated with this vulnerability.",Opentext,Imanager,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-11-22T15:34:38.178Z,0 CVE-2021-38134,https://securityvulnerability.io/vulnerability/CVE-2021-38134,iManager 3.2.5.0000 Vulnerable to XSS Attacks,"A cross-site scripting (XSS) vulnerability has been identified in the OpenText iManager 3.2.5.0000, specifically in the URL access component. This vulnerability permits an attacker to inject malicious scripts into the web interface. Successful exploitation could lead to unauthorized access and manipulation of user sessions. Organizations using this version of OpenText iManager are advised to implement security measures to sanitize input and upgrade to a secure version to mitigate potential risks.",Opentext,Imanager,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-11-22T15:34:36.023Z,0 CVE-2021-38135,https://securityvulnerability.io/vulnerability/CVE-2021-38135,iManager External Service Interaction Vulnerability,"An external service interaction vulnerability has been identified in OpenText iManager version 3.2.6.0000. This flaw enables attackers to exploit the system through unintended interactions with external services, posing security risks and potential unauthorized access. Users of the affected version should implement security measures to mitigate potential threats and ensure system integrity.",Opentext,Imanager,8.6,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-22T15:34:34.561Z,0 CVE-2022-26324,https://securityvulnerability.io/vulnerability/CVE-2022-26324,Possible XSS in iManager URL for access Component,An improperly sanitized URL in the OpenText iManager's access component may allow attackers to execute cross-site scripting (XSS) attacks. This vulnerability could enable unauthorized access to sensitive information or manipulation of webpage content. Organizations using OpenText iManager 3.2.6.0000 are advised to apply available patches and implement security best practices to mitigate potential risks associated with this flaw.,Opentext,Imanager,7.6,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-22T15:34:33.159Z,0 CVE-2023-24466,https://securityvulnerability.io/vulnerability/CVE-2023-24466,iManager GET Parameter Injection Vulnerability,"An XML External Entity Injection vulnerability has been identified in OpenText™ iManager, specifically within the GET parameter of version 3.2.6.0200. This security flaw can allow attackers to exploit XML input, leading to potential disclosure of sensitive information or unauthorized access to system resources. Proper validation and sanitization of XML data inputs are crucial to mitigating such risks and ensuring the safety of the environment.",Opentext,Imanager,7.5,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-22T15:34:31.683Z,0 CVE-2023-24467,https://securityvulnerability.io/vulnerability/CVE-2023-24467,iManager GET Parameter Vulnerability,"A vulnerability in OpenText™ iManager allows for command injection through the manipulation of GET parameters. This flaw, identified in version 3.2.6.0000, could enable attackers to execute arbitrary commands on the server, potentially compromising user data and system integrity. Administrators are urged to assess their systems and apply necessary mitigations to address this security risk.",Opentext,Imanager,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-11-22T15:34:29.957Z,0 CVE-2020-11859,https://securityvulnerability.io/vulnerability/CVE-2020-11859,iManager vulnerable to XSS via Improper Input Validation,"An improper input validation vulnerability exists in OpenText iManager, which allows an attacker to exploit the application and execute Cross-Site Scripting (XSS) attacks. This vulnerability potentially permits the injection of malicious scripts into web pages viewed by other users, compromising their data and enabling session hijacking. Systems utilizing versions of iManager prior to 3.2.3 are susceptible to this security flaw, necessitating immediate action to upgrade to a secure version and mitigate risk.",Opentext,Imanager,5.4,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-11-06T14:10:59.925Z,0 CVE-2024-4429,https://securityvulnerability.io/vulnerability/CVE-2024-4429,iManager 3.2.6.0200 Vulnerable to Cross-Site Request Forgery,"Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure.",Opentext,Imanager,5.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-28T14:38:18.675Z,0 CVE-2024-3969,https://securityvulnerability.io/vulnerability/CVE-2024-3969,Remote Code Execution Vulnerability in OpenText iManager,"An XML External Entity (XXE) injection vulnerability has been identified in OpenText iManager version 3.2.6.0200, which could facilitate a remote attacker to execute arbitrary code. This vulnerability arises when untrusted XML payloads are processed, potentially compromising the security of the system. As maliciously crafted XML can be parsed, there is an elevated risk of unauthorized access and exploitation, necessitating prompt remediation actions.",Opentext,Imanager,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-28T14:38:06.307Z,0 CVE-2024-3488,https://securityvulnerability.io/vulnerability/CVE-2024-3488,Unauthenticated File Upload Vulnerability,"File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication. ",Opentext,Imanager,5.6,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-15T16:47:41.613Z,0 CVE-2024-3487,https://securityvulnerability.io/vulnerability/CVE-2024-3487,Broken Authentication Vulnerability Discovered in OpenText iManager,"Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication. ",Opentext,Imanager,3.5,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-05-15T16:47:07.862Z,0 CVE-2024-3486,https://securityvulnerability.io/vulnerability/CVE-2024-3486,iManager XML External Entity Injection Vulnerability Could Lead to Information Disclosure and Remote Code Execution,"The XML External Entity injection vulnerability in OpenText™ iManager version 3.2.6.0200 poses significant security risks, including potential information disclosure and remote code execution. Attackers exploiting this vulnerability could manipulate XML parsers to access sensitive data and execute arbitrary code, undermining the integrity and confidentiality of affected systems. Timely patching and mitigation strategies are essential to safeguard against these threats.",Opentext,Imanager,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-15T16:46:03.081Z,0 CVE-2024-3485,https://securityvulnerability.io/vulnerability/CVE-2024-3485,Server Side Request Forgery Vulnerability Discovered in OpenText iManager,"Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure.",Opentext,Imanager,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-15T16:45:25.287Z,0 CVE-2024-3484,https://securityvulnerability.io/vulnerability/CVE-2024-3484,Path Traversal Vulnerability in OpenText iManager Could Lead to Privilege Escalation or File Disclosure,"Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file disclosure. ",Opentext,Imanager,5.7,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-05-15T16:44:51.636Z,0 CVE-2024-3483,https://securityvulnerability.io/vulnerability/CVE-2024-3483,iManager Vulnerable to Remote Code Execution and Command Injection,"A security flaw in OpenText iManager 3.2.6.0200 allows attackers to execute arbitrary commands via remote code execution. This vulnerability can exploit command injection techniques and results in insecure deserialization, potentially leading to unauthorized access and manipulation of system data. Immediate patching and thorough security assessments are recommended to mitigate the associated risks.",Opentext,Imanager,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-15T16:44:00.950Z,0 CVE-2024-3967,https://securityvulnerability.io/vulnerability/CVE-2024-3967,Remote Code Execution Vulnerability in OpenText iManager,"A vulnerability has been identified in OpenText iManager 3.2.6.0200 which allows for remote code execution through unsafe Java object deserialization. This security flaw poses a risk as it can lead to unauthorized access and manipulation of the system, allowing attackers to execute arbitrary code. Organizations using this version of iManager should take immediate action to mitigate the risks associated with this vulnerability.",Opentext,Imanager,7.6,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-15T16:40:10.253Z,0 CVE-2024-3968,https://securityvulnerability.io/vulnerability/CVE-2024-3968,Remote Code Execution Vulnerability in OpenText iManager,"A remote code execution vulnerability has been identified in OpenText™ iManager version 3.2.6.0200. This flaw allows an unauthorized attacker to execute arbitrary code on the affected system by exploiting a custom file upload task. Malicious actors can leverage this vulnerability to gain control over the server, potentially leading to data breaches and further exploitations. Users and administrators are urged to take immediate precautions and assess their systems for potential impacts.",Opentext,Imanager,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-15T16:39:39.515Z,0 CVE-2024-3970,https://securityvulnerability.io/vulnerability/CVE-2024-3970,Sensitive Information Disclosure Through Directory Traversal Vulnerability in OpenText iManager,"Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory traversal.",Opentext,Imanager,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-15T16:39:21.361Z,0