Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine applications manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-27733
Zoho ManageEngine Applications Manager prior to 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.
Zohocorp Manageengine Applications Manager 14.0
6.5
CVSSv2
CVE-2020-15927
Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the SAP module.
Zohocorp Manageengine Applications Manager 14.7
6.5
CVSSv2
CVE-2020-16267
Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the RCA module.
Zohocorp Manageengine Applications Manager 14.7
6.5
CVSSv2
CVE-2020-14008
Zoho ManageEngine Applications Manager 14710 and before allows an authenticated admin user to upload a vulnerable jar in a specific location, which leads to remote code execution.
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 14.0
6.5
CVSSv2
CVE-2019-19650
Zoho ManageEngine Applications Manager prior to 13640 allows a remote authenticated SQL injection via the Agent servlet agentid parameter to the Agent.java process function.
Zohocorp Manageengine Applications Manager
6.5
CVSSv2
CVE-2017-16542
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
Zohocorp Manageengine Applications Manager 13.0
1 EDB exploit
6.4
CVSSv2
CVE-2021-35512
An SSRF issue exists in Zoho ManageEngine Applications Manager build 15200.
Zohocorp Manageengine Applications Manager 15.2
5
CVSSv2
CVE-2020-10816
Zoho ManageEngine Applications Manager 14780 and before allows a remote unauthenticated malicious user to register managed servers via AAMRequestProcessor servlet.
Zohocorp Manageengine Applications Manager 14.7
5
CVSSv2
CVE-2019-19799
Zoho ManageEngine Applications Manager prior to 14600 allows a remote unauthenticated malicious user to disclose license related information via WieldFeedServlet servlet.
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 14.5
5
CVSSv2
CVE-2014-7863
The FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine Applications Manager prior to 11.9 build 11912, OpManager 8 up to and including 11.5 build 11400, and IT360 10.5 and previous versions does not properly restrict access, which allows remote attackers and rem...
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine It360
Zohocorp Manageengine Opmanager
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »