Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoho vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-41828
Zoho ManageEngine Remote Access Plus prior to 10.1.2121.1 has hardcoded credentials associated with resetPWD.xml.
Zohocorp Manageengine Remote Access Plus
9.8
CVSSv3
CVE-2022-29535
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
7.5
CVSSv3
CVE-2021-31160
Zoho ManageEngine ServiceDesk Plus MSP prior to 10521 allows an malicious user to access internal data.
Zohocorp Manageengine Servicedesk Plus 10.5
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Servicedesk Plus Msp 10.5
9.8
CVSSv3
CVE-2021-40177
Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite.
Zohocorp Manageengine Log360
Zohocorp Manageengine Log360 5.2
NA
CVE-2023-49332
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
6.1
CVSSv3
CVE-2019-11511
Zoho ManageEngine ADSelfService Plus before build 5708 has XSS via the mobile app API.
Zohocorp Manageengine Adselfservice Plus 5.7
9.8
CVSSv3
CVE-2023-48793
Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature.
Zohocorp Manageengine Adaudit Plus 7.2
Zohocorp Manageengine Adaudit Plus
9.8
CVSSv3
CVE-2022-24306
Zoho ManageEngine SharePoint Manager Plus prior to 4329 allows account takeover because authorization is mishandled.
Zohocorp Manageengine Sharepoint Manager Plus -
9.8
CVSSv3
CVE-2021-41833
Zoho ManageEngine Patch Connect Plus prior to 90099 is vulnerable to unauthenticated remote code execution.
Zohocorp Manageengine Patch Connect Plus
Zohocorp Manageengine Patch Connect Plus 9.0.0
8.8
CVSSv3
CVE-2020-35682
Zoho ManageEngine ServiceDesk Plus prior to 11134 allows an Authentication Bypass (only during SAML login).
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus 11.1
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »