Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoho vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-17243
Global Search in Zoho ManageEngine OpManager prior to 12.3 123205 allows SQL Injection.
Zohocorp Manageengine Opmanager
5
CVSSv2
CVE-2021-31530
Zoho ManageEngine ServiceDesk Plus MSP prior to 10522 is vulnerable to Information Disclosure.
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Servicedesk Plus Msp 10.5
6.4
CVSSv2
CVE-2021-35512
An SSRF issue exists in Zoho ManageEngine Applications Manager build 15200.
Zohocorp Manageengine Applications Manager 15.2
3.5
CVSSv2
CVE-2022-25373
Zoho ManageEngine SupportCenter Plus prior to 11020 allows Stored XSS in the request history.
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus
NA
CVE-2023-22624
Zoho ManageEngine Exchange Reporter Plus prior to 5708 allows malicious users to conduct XXE attacks.
Zohocorp Manageengine Exchange Reporter Plus 5.7
Zohocorp Manageengine Exchange Reporter Plus
7.5
CVSSv2
CVE-2022-29535
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
7.5
CVSSv2
CVE-2021-37927
Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
7.5
CVSSv2
CVE-2017-16848
Zoho ManageEngine Applications Manager 13 allows SQL injection via the /manageConfMons.do groupname parameter.
Zohocorp Manageengine Applications Manager 13.0
5
CVSSv2
CVE-2021-41828
Zoho ManageEngine Remote Access Plus prior to 10.1.2121.1 has hardcoded credentials associated with resetPWD.xml.
Zohocorp Manageengine Remote Access Plus
7.5
CVSSv2
CVE-2021-37423
Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover.
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Adselfservice Plus 6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »