Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2014-7862
The DCPluginServelet servlet in ManageEngine Desktop Central and Desktop Central MSP before build 90109 allows remote malicious users to create administrator accounts via an addPlugInUser action.
Zohocorp Desktop Central
1 EDB exploit
755
VMScore
CVE-2017-16543
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.
Zohocorp Manageengine Applications Manager 13.0
1 EDB exploit
755
VMScore
CVE-2017-11346
Zoho ManageEngine Desktop Central before build 100092 allows remote malicious users to execute arbitrary code via vectors involving the upload of help desk videos.
Zohocorp Manageengine Desktop Central
1 EDB exploit
755
VMScore
CVE-2014-7864
Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 up to and including 11.5 build 11400 and IT360 10.5 and previous versions allow remote attackers and remote authenticated users to execute arbitrary SQL ...
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 11.5
Zohocorp Manageengine Opmanager 9.2
Zohocorp Manageengine Opmanager 9.1
Zohocorp Manageengine Opmanager 11.1
Zohocorp Manageengine Opmanager 11.0
Zohocorp Manageengine Opmanager 10.2
Zohocorp Manageengine Opmanager 9.4
Zohocorp Manageengine Opmanager 11.3
Zohocorp Manageengine Opmanager 11.2
Zohocorp Manageengine Opmanager 9.0
Zohocorp Manageengine Opmanager 8.8
Zohocorp Manageengine Opmanager 10.1
Zohocorp Manageengine Opmanager 10.0
1 EDB exploit
755
VMScore
CVE-2014-3996
SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition prior to 9 build 90043, Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition pri...
Manageengine It360
Manageengine Password Manager Pro
Manageengine Desktop Central
1 EDB exploit
755
VMScore
CVE-2014-3997
SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360 and IT360 Managed Service Providers (MSP) edition prior to 10.3.3 build 10330, and ...
Zohocorp Manageengine Password Manager Pro 5.2
Zohocorp Manageengine Password Manager Pro 5.4
Zohocorp Manageengine Password Manager Pro 6.2
Zohocorp Manageengine Password Manager Pro 6.4
Zohocorp Manageengine Password Manager Pro 6.5
Zohocorp Manageengine Password Manager Pro 6.6
Zohocorp Manageengine Password Manager Pro 6.9
Zohocorp Manageengine Password Manager Pro 7.0
Zohocorp Manageengine Password Manager Pro 5.0
Zohocorp Manageengine Password Manager Pro 6.0
Zohocorp Manageengine Password Manager Pro 6.1
Zohocorp Manageengine Password Manager Pro 6.7
Zohocorp Manageengine Password Manager Pro 6.8
Zohocorp Manageengine Password Manager Pro 5.1
Zohocorp Manageengine Password Manager Pro 5.3
Zohocorp Manageengine Password Manager Pro 6.3
Zohocorp Manageengine It360
1 EDB exploit
755
VMScore
CVE-2014-6035
Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine OpManager 11.4, 11.3, and previous versions allows remote malicious users to write and execute arbitrary files via a .. (dot dot) in the FILENAME parameter.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 11.4
1 EDB exploit
755
VMScore
CVE-2010-1044
SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote malicious users to execute arbitrary SQL commands via the isHttpPort parameter.
Manageengine Oputils 5.0
1 EDB exploit
695
VMScore
CVE-2018-19374
Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin directory.
Zohocorp Manageengine Admanager Plus 6.6
1 EDB exploit
694
VMScore
CVE-2014-8678
The ConfigSaveServlet servlet in ManageEngine OpUtils before build 71024 allows remote malicious users to "disclose" files via a crafted filename, related to "saveFile."
Manageengine Oputils
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »