Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-28219
Cewolf in Zoho ManageEngine ADAudit Plus prior to 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution.
Zohocorp Manageengine Adaudit Plus 7.0
Zohocorp Manageengine Adaudit Plus
5 Github repositories
7.5
CVSSv2
CVE-2022-24305
Zoho ManageEngine SharePoint Manager Plus prior to 4329 is vulnerable to a sensitive data leak that leads to privilege escalation.
Zohocorp Manageengine Sharepoint Manager Plus -
7.5
CVSSv2
CVE-2022-24306
Zoho ManageEngine SharePoint Manager Plus prior to 4329 allows account takeover because authorization is mishandled.
Zohocorp Manageengine Sharepoint Manager Plus -
7.5
CVSSv2
CVE-2021-44525
Zoho ManageEngine PAM360 before build 5303 allows malicious users to modify a few aspects of application state because of a filter bypass in which authentication is not required.
Zohocorp Manageengine Pam360 5.3
Zohocorp Manageengine Pam360 5.2
Zohocorp Manageengine Pam360 5.1
Zohocorp Manageengine Pam360 5.0
Zohocorp Manageengine Pam360 4.5
Zohocorp Manageengine Pam360 4.1
Zohocorp Manageengine Pam360 4.0
7.5
CVSSv2
CVE-2021-44675
Zoho ManageEngine ServiceDesk Plus MSP prior to 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus Msp
7.5
CVSSv2
CVE-2021-44676
Zoho ManageEngine Access Manager Plus prior to 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state.
Zohocorp Manageengine Access Manager Plus 4.2
Zohocorp Manageengine Access Manager Plus 4.1
7.5
CVSSv2
CVE-2021-44514
OpUtils in Zoho ManageEngine OpManager 12.5 prior to 125490 mishandles authentication for a few audit directories.
Zohocorp Manageengine Opmanager 12.5
7.5
CVSSv2
CVE-2021-43319
Zoho ManageEngine Network Configuration Manager prior to 125488 is vulnerable to command injection due to improper validation in the Ping functionality.
Zohocorp Manageengine Network Configuration Manager 11.0
Zohocorp Manageengine Network Configuration Manager 12.0
Zohocorp Manageengine Network Configuration Manager 12.1
Zohocorp Manageengine Network Configuration Manager 12.2
Zohocorp Manageengine Network Configuration Manager 12.3
Zohocorp Manageengine Network Configuration Manager 12.4
Zohocorp Manageengine Network Configuration Manager 12.5
7.5
CVSSv2
CVE-2021-42099
Zoho ManageEngine M365 Manager Plus prior to 4421 is vulnerable to file-upload remote code execution.
Zohocorp Manageengine M365 Manager Plus -
Zohocorp Manageengine M365 Manager Plus Build 4000
Zohocorp Manageengine M365 Manager Plus Build 4001
Zohocorp Manageengine M365 Manager Plus Build 4002
Zohocorp Manageengine M365 Manager Plus Build 4003
Zohocorp Manageengine M365 Manager Plus Build 4004
Zohocorp Manageengine M365 Manager Plus Build 4005
Zohocorp Manageengine M365 Manager Plus Build 4007
Zohocorp Manageengine M365 Manager Plus Build 4008
Zohocorp Manageengine M365 Manager Plus Build 4009
Zohocorp Manageengine M365 Manager Plus Build 4010
Zohocorp Manageengine M365 Manager Plus Build 4011
Zohocorp Manageengine M365 Manager Plus Build 4012
Zohocorp Manageengine M365 Manager Plus Build 4013
Zohocorp Manageengine M365 Manager Plus Build 4014
Zohocorp Manageengine M365 Manager Plus Build 4100
Zohocorp Manageengine M365 Manager Plus Build 4101
Zohocorp Manageengine M365 Manager Plus Build 4102
Zohocorp Manageengine M365 Manager Plus Build 4103
Zohocorp Manageengine M365 Manager Plus Build 4104
Zohocorp Manageengine M365 Manager Plus Build 4105
Zohocorp Manageengine M365 Manager Plus Build 4106
7.5
CVSSv2
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus prior to 11306, ServiceDesk Plus MSP prior to 10530, and SupportCenter Plus prior to 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Zohocorp Manageengine Servicedesk Plus 11.2
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus 11.3
Zohocorp Manageengine Servicedesk Plus 11.1
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
2 Github repositories
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »