Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine applications manager vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2021-35512
An SSRF issue exists in Zoho ManageEngine Applications Manager build 15200.
Zohocorp Manageengine Applications Manager 15.2
383
VMScore
CVE-2017-11739
In Zoho ManageEngine Application Manager 13.1 Build 13100, an authenticated user, with administrative privileges, has the ability to add a widget on any dashboard. This widget can be a "Utility Widget" with a "Custom HTML or Text" field. Once this widget is cr...
Zohocorp Manageengine Applications Manager 13.1
605
VMScore
CVE-2017-11740
In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malicious script that can be executed on the r...
Zohocorp Manageengine Applications Manager 13.1
578
VMScore
CVE-2020-27733
Zoho ManageEngine Applications Manager prior to 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.
Zohocorp Manageengine Applications Manager 14.0
578
VMScore
CVE-2020-15927
Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the SAP module.
Zohocorp Manageengine Applications Manager 14.7
890
VMScore
CVE-2018-11808
Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an malicious user to delete any file and read certain files on the server in the context of the user (which by default is "NT AUTHORITY / SYSTEM...
Zohocorp Manageengine Applications Manager 13
1 Github repository
655
VMScore
CVE-2017-16542
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
Zohocorp Manageengine Applications Manager 13.0
1 EDB exploit
755
VMScore
CVE-2017-16543
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.
Zohocorp Manageengine Applications Manager 13.0
1 EDB exploit
668
VMScore
CVE-2017-16849
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do?method=viewDashBoard forpage parameter.
Zohocorp Manageengine Applications Manager 13.0
755
VMScore
CVE-2014-7864
Multiple SQL injection vulnerabilities in the FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine OpManager 8 up to and including 11.5 build 11400 and IT360 10.5 and previous versions allow remote attackers and remote authenticated users to execute arbitrary SQL ...
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 11.5
Zohocorp Manageengine Opmanager 9.2
Zohocorp Manageengine Opmanager 9.1
Zohocorp Manageengine Opmanager 11.1
Zohocorp Manageengine Opmanager 11.0
Zohocorp Manageengine Opmanager 10.2
Zohocorp Manageengine Opmanager 9.4
Zohocorp Manageengine Opmanager 11.3
Zohocorp Manageengine Opmanager 11.2
Zohocorp Manageengine Opmanager 9.0
Zohocorp Manageengine Opmanager 8.8
Zohocorp Manageengine Opmanager 10.1
Zohocorp Manageengine Opmanager 10.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »