Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine opmanager 12.3 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-20338
Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section.
Zohocorp Manageengine Opmanager 12.3
7.5
CVSSv2
CVE-2018-20173
Zoho ManageEngine OpManager 12.3 prior to 123238 allows SQL injection via the getGraphData API.
Zohocorp Manageengine Opmanager 12.3
7.5
CVSSv2
CVE-2018-18949
Zoho ManageEngine OpManager 12.3 prior to 123222 has SQL Injection via Mail Server settings.
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 11.5
7.5
CVSSv2
CVE-2018-18475
Zoho ManageEngine OpManager prior to 12.3 build 123214 allows Unrestricted Arbitrary File Upload.
Zohocorp Manageengine Opmanager 12.3
7.5
CVSSv2
CVE-2018-17243
Global Search in Zoho ManageEngine OpManager prior to 12.3 123205 allows SQL Injection.
Zohocorp Manageengine Opmanager
7.2
CVSSv2
CVE-2019-12133
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current di...
Zohocorp Manageengine Mobile Device Manager Plus 9.0.0
Zohocorp Manageengine Patch Connect Plus 9.0.0
Zohocorp Manageengine Vulnerability Manager Plus 9.0.0
Zohocorp Manageengine Patch Manager Plus 9.0.0
Zohocorp Manageengine Browser Security Plus -
Zohocorp Manageengine Eventlog Analyzer 12.0.2
Zohocorp Manageengine Supportcenter Plus 8.1
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Oputils 11.0
Zohocorp Manageengine Desktop Central 10.0.380
Zohocorp Manageengine Firewall 12.0
Zohocorp Manageengine Key Manager Plus 5.6
Zohocorp Manageengine Password Manager Pro 9.9
Zohocorp Manageengine Analytics Plus 1.0
Zohocorp Manageengine Servicedesk Plus 10.0.0
Zohocorp Manageengine O365 Manager Plus 4.0
Zohocorp Manageengine Netflow Analyzer 11.0
Zohocorp Manageengine Network Configuration Manager 11.0
5
CVSSv2
CVE-2018-17283
Zoho ManageEngine OpManager prior to 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admin user via /api/json/v2/admin/addUser o...
Zohocorp Manageengine Opmanager
4.3
CVSSv2
CVE-2018-20339
Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section.
Zohocorp Manageengine Opmanager 12.3
4.3
CVSSv2
CVE-2018-19921
Zoho ManageEngine OpManager 12.3 prior to 123237 has XSS in the domain controller.
Zohocorp Manageengine Opmanager 123230
Zohocorp Manageengine Opmanager 123229
Zohocorp Manageengine Opmanager 123224
Zohocorp Manageengine Opmanager 123223
Zohocorp Manageengine Opmanager 123222
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 123231
Zohocorp Manageengine Opmanager 11.5
4.3
CVSSv2
CVE-2018-18715
Zoho ManageEngine OpManager 12.3 prior to 123219 has stored XSS.
Zohocorp Manageengine Opmanager 12.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »