Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-29535
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
7.5
CVSSv2
CVE-2022-29081
Zoho ManageEngine Access Manager Plus prior to 4302, Password Manager Pro prior to 12007, and PAM360 prior to 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. SSLAction. LicenseMgr. GetProductDetails. GetDashboard. FetchEvents. and Synchronize...
Zohocorp Manageengine Password Manager Pro 10.4
Zohocorp Manageengine Password Manager Pro 10.3
Zohocorp Manageengine Password Manager Pro 10.2
Zohocorp Manageengine Password Manager Pro 10.1
Zohocorp Manageengine Password Manager Pro 11.1
Zohocorp Manageengine Access Manager Plus 4.2
Zohocorp Manageengine Pam360 5.3
Zohocorp Manageengine Pam360 5.2
Zohocorp Manageengine Pam360 5.1
Zohocorp Manageengine Pam360 5.0
Zohocorp Manageengine Pam360 4.5
Zohocorp Manageengine Pam360 4.1
Zohocorp Manageengine Pam360 4.0
Zohocorp Manageengine Access Manager Plus 4.1
Zohocorp Manageengine Pam360 5.4
Zohocorp Manageengine Password Manager Pro 12.0
Zohocorp Manageengine Password Manager Pro 11.3
Zohocorp Manageengine Password Manager Pro 11.2
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus 4.0
6.5
CVSSv2
CVE-2022-29457
Zoho ManageEngine ADSelfService Plus prior to 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Adaudit Plus 7.0.0
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Exchange Reporter Plus 5.7
Zohocorp Manageengine Exchange Reporter Plus
6.5
CVSSv2
CVE-2022-27908
Zoho ManageEngine OpManager prior to 125588 (and prior to 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
7.1
CVSSv2
CVE-2022-28810
Zoho ManageEngine ADSelfService Plus before build 6122 allows a remote authenticated administrator to execute arbitrary operating OS commands as SYSTEM via the policy custom script feature. Due to the use of a default administrator password, attackers may be able to abuse this fu...
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus
5
CVSSv2
CVE-2022-26653
Zoho ManageEngine Remote Access Plus prior to 10.1.2137.15 allows guest users to view domain details (such as the username and GUID of an administrator).
Zohocorp Manageengine Remote Access Plus
5
CVSSv2
CVE-2022-26777
Zoho ManageEngine Remote Access Plus prior to 10.1.2137.15 allows guest users to view license details.
Zohocorp Manageengine Remote Access Plus
4.3
CVSSv2
CVE-2022-24681
Zoho ManageEngine ADSelfService Plus prior to 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen.
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus
5
CVSSv2
CVE-2022-25245
Zoho ManageEngine ServiceDesk Plus prior to 13001 allows anyone to know the organisation's default currency name.
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus 13.0
3.5
CVSSv2
CVE-2022-25373
Zoho ManageEngine SupportCenter Plus prior to 11020 allows Stored XSS in the request history.
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »