Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoho vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-12541
An issue exists in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SolutionSearch.do searchText parameter.
Zohocorp Manageengine Servicedesk Plus 9.3
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2018-20173
Zoho ManageEngine OpManager 12.3 prior to 123238 allows SQL injection via the getGraphData API.
Zohocorp Manageengine Opmanager 12.3
4.3
CVSSv2
CVE-2018-20484
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.
Zohocorp Manageengine Adselfservice Plus 5.7
1 EDB exploit
4.3
CVSSv2
CVE-2018-20485
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the employee search feature.
Zohocorp Manageengine Adselfservice Plus 4.5
Zohocorp Manageengine Adselfservice Plus 5.0
Zohocorp Manageengine Adselfservice Plus 5.1
Zohocorp Manageengine Adselfservice Plus 5.2
Zohocorp Manageengine Adselfservice Plus 5.3
Zohocorp Manageengine Adselfservice Plus 5.5
Zohocorp Manageengine Adselfservice Plus 5.6
Zohocorp Manageengine Adselfservice Plus 5.7
Zohocorp Manageengine Adselfservice Plus 5.4
1 EDB exploit
4.3
CVSSv2
CVE-2019-8926
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource.
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2019-8929
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/selectDevice.jsp file in these GET parameters: param and rtype.
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
1 EDB exploit
4
CVSSv2
CVE-2019-8925
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. An Absolute Path Traversal vulnerability in the Administration zone, in /netflow/servlet/CReportPDFServlet (via the parameter schFilePath), allows remote authenticated users to bypass intended SecurityMan...
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2019-8927
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Typ...
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2019-8928
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName.
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
1 EDB exploit
4
CVSSv2
CVE-2019-8394
Zoho ManageEngine ServiceDesk Plus (SDP) prior to 10.0 build 10012 allows remote malicious users to upload arbitrary files via login page customization.
Zohocorp Manageengine Servicedesk Plus
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »