Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2021-44514
OpUtils in Zoho ManageEngine OpManager 12.5 prior to 125490 mishandles authentication for a few audit directories.
Zohocorp Manageengine Opmanager 12.5
668
VMScore
CVE-2021-43319
Zoho ManageEngine Network Configuration Manager prior to 125488 is vulnerable to command injection due to improper validation in the Ping functionality.
Zohocorp Manageengine Network Configuration Manager 11.0
Zohocorp Manageengine Network Configuration Manager 12.0
Zohocorp Manageengine Network Configuration Manager 12.1
Zohocorp Manageengine Network Configuration Manager 12.2
Zohocorp Manageengine Network Configuration Manager 12.3
Zohocorp Manageengine Network Configuration Manager 12.4
Zohocorp Manageengine Network Configuration Manager 12.5
668
VMScore
CVE-2021-42099
Zoho ManageEngine M365 Manager Plus prior to 4421 is vulnerable to file-upload remote code execution.
Zohocorp Manageengine M365 Manager Plus -
Zohocorp Manageengine M365 Manager Plus Build 4000
Zohocorp Manageengine M365 Manager Plus Build 4001
Zohocorp Manageengine M365 Manager Plus Build 4002
Zohocorp Manageengine M365 Manager Plus Build 4003
Zohocorp Manageengine M365 Manager Plus Build 4004
Zohocorp Manageengine M365 Manager Plus Build 4005
Zohocorp Manageengine M365 Manager Plus Build 4007
Zohocorp Manageengine M365 Manager Plus Build 4008
Zohocorp Manageengine M365 Manager Plus Build 4009
Zohocorp Manageengine M365 Manager Plus Build 4010
Zohocorp Manageengine M365 Manager Plus Build 4011
Zohocorp Manageengine M365 Manager Plus Build 4012
Zohocorp Manageengine M365 Manager Plus Build 4013
Zohocorp Manageengine M365 Manager Plus Build 4014
Zohocorp Manageengine M365 Manager Plus Build 4100
Zohocorp Manageengine M365 Manager Plus Build 4101
Zohocorp Manageengine M365 Manager Plus Build 4102
Zohocorp Manageengine M365 Manager Plus Build 4103
Zohocorp Manageengine M365 Manager Plus Build 4104
Zohocorp Manageengine M365 Manager Plus Build 4105
Zohocorp Manageengine M365 Manager Plus Build 4106
668
VMScore
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus prior to 11306, ServiceDesk Plus MSP prior to 10530, and SupportCenter Plus prior to 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Zohocorp Manageengine Servicedesk Plus 11.2
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus 11.3
Zohocorp Manageengine Servicedesk Plus 11.1
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
2 Github repositories
1 Article
668
VMScore
CVE-2021-41080
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Network Configuration Manager 12.3
668
VMScore
CVE-2021-41081
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Network Configuration Manager 12.3
1 Github repository
668
VMScore
CVE-2021-42002
Zoho ManageEngine ADManager Plus prior to 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
668
VMScore
CVE-2021-42847
Zoho ManageEngine ADAudit Plus prior to 7006 allows malicious users to write to, and execute, arbitrary files.
Zohocorp Manageengine Adaudit Plus 7.0
Zohocorp Manageengine Adaudit Plus
668
VMScore
CVE-2021-41833
Zoho ManageEngine Patch Connect Plus prior to 90099 is vulnerable to unauthenticated remote code execution.
Zohocorp Manageengine Patch Connect Plus
Zohocorp Manageengine Patch Connect Plus 9.0.0
668
VMScore
CVE-2020-24743
An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows malicious users to gain escalated privileges via the resourceid parameter.
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 14.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »