Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine opmanager - vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2017-11561
An issue exists in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell.
Zohocorp Manageengine Opmanager 12.2
7.5
CVSSv2
CVE-2018-20338
Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section.
Zohocorp Manageengine Opmanager 12.3
4.3
CVSSv2
CVE-2018-20339
Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section.
Zohocorp Manageengine Opmanager 12.3
7.5
CVSSv2
CVE-2018-20173
Zoho ManageEngine OpManager 12.3 prior to 123238 allows SQL injection via the getGraphData API.
Zohocorp Manageengine Opmanager 12.3
4.3
CVSSv2
CVE-2018-19921
Zoho ManageEngine OpManager 12.3 prior to 123237 has XSS in the domain controller.
Zohocorp Manageengine Opmanager 11.5
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Opmanager 123231
Zohocorp Manageengine Opmanager 123230
Zohocorp Manageengine Opmanager 123229
Zohocorp Manageengine Opmanager 123224
Zohocorp Manageengine Opmanager 123223
Zohocorp Manageengine Opmanager 123222
4.3
CVSSv2
CVE-2018-18715
Zoho ManageEngine OpManager 12.3 prior to 123219 has stored XSS.
Zohocorp Manageengine Opmanager 12.3
4.3
CVSSv2
CVE-2018-18716
Zoho ManageEngine OpManager 12.3 prior to 123219 has a Self XSS Vulnerability.
Zohocorp Manageengine Opmanager 11.5
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 12.3
4.3
CVSSv2
CVE-2018-19288
Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API.
Zohocorp Manageengine Opmanager 11.5
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 12.3
5
CVSSv2
CVE-2018-18980
An XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager prior to 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local...
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Opmanager
7.5
CVSSv2
CVE-2018-18949
Zoho ManageEngine OpManager 12.3 prior to 123222 has SQL Injection via Mail Server settings.
Zohocorp Manageengine Opmanager 11.5
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 12.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »