Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine opmanager 12.5 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-27908
Zoho ManageEngine OpManager prior to 125588 (and prior to 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
9.8
CVSSv3
CVE-2022-29535
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
7.5
CVSSv3
CVE-2020-13818
In Zoho ManageEngine OpManager prior to 125144, when <cachestart> is used, directory traversal validation can be bypassed.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
8.2
CVSSv3
CVE-2022-35404
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Netflow Analyzer 12.5
Zohocorp Manageengine Netflow Analyzer
Zohocorp Manageengine Firewall Analyzer
Zohocorp Manageengine Firewall Analyzer 12.5
7.5
CVSSv3
CVE-2020-11946
Zoho ManageEngine OpManager prior to 125120 allows an unauthenticated user to retrieve an API key via a servlet call.
Zohocorp Manageengine Opmanager 12.5
9.8
CVSSv3
CVE-2021-44514
OpUtils in Zoho ManageEngine OpManager 12.5 prior to 125490 mishandles authentication for a few audit directories.
Zohocorp Manageengine Opmanager 12.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2