Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-42847
Zoho ManageEngine ADAudit Plus prior to 7006 allows malicious users to write to, and execute, arbitrary files.
Zohocorp Manageengine Adaudit Plus 7.0
Zohocorp Manageengine Adaudit Plus
7.5
CVSSv2
CVE-2021-41081
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Network Configuration Manager 12.3
1 Github repository
7.5
CVSSv2
CVE-2021-41833
Zoho ManageEngine Patch Connect Plus prior to 90099 is vulnerable to unauthenticated remote code execution.
Zohocorp Manageengine Patch Connect Plus
Zohocorp Manageengine Patch Connect Plus 9.0.0
7.5
CVSSv2
CVE-2021-42002
Zoho ManageEngine ADManager Plus prior to 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
7.5
CVSSv2
CVE-2021-41080
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Network Configuration Manager 12.3
7.5
CVSSv2
CVE-2020-24743
An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows malicious users to gain escalated privileges via the resourceid parameter.
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 14.5
7.5
CVSSv2
CVE-2021-20136
ManageEngine Log360 Builds < 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled data...
Zohocorp Manageengine Log360 5.3
Zohocorp Manageengine Log360
7.5
CVSSv2
CVE-2021-40493
Zoho ManageEngine OpManager prior to 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
7.5
CVSSv2
CVE-2021-41075
The NetFlow Analyzer in Zoho ManageEngine OpManger prior to 125455 is vulnerable to SQL Injection in the Attacks Module API.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
7.5
CVSSv2
CVE-2021-38298
Zoho ManageEngine ADManager Plus prior to 7110 is vulnerable to blind XXE.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »