Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-43671
Zoho ManageEngine Password Manager Pro prior to 12122, PAM360 prior to 5711, and Access Manager Plus prior to 4306 allow SQL Injection.
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus
Zohocorp Manageengine Password Manager Pro
Zohocorp Manageengine Password Manager Pro 12.1
Zohocorp Manageengine Pam360 5.7
Zohocorp Manageengine Pam360
9.8
CVSSv3
CVE-2022-47523
Zoho ManageEngine Access Manager Plus prior to 4309, Password Manager Pro prior to 12210, and PAM360 prior to 5801 are vulnerable to SQL Injection.
Zohocorp Manageengine Password Manager Pro
Zohocorp Manageengine Password Manager Pro 12.2
Zohocorp Manageengine Pam360
Zohocorp Manageengine Pam360 5.8
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus
7.5
CVSSv3
CVE-2014-7863
The FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine Applications Manager prior to 11.9 build 11912, OpManager 8 up to and including 11.5 build 11400, and IT360 10.5 and previous versions does not properly restrict access, which allows remote attackers and rem...
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine It360
Zohocorp Manageengine Opmanager
1 EDB exploit
7.5
CVSSv3
CVE-2020-12116
Zoho ManageEngine OpManager Stable build prior to 124196 and Released build prior to 125125 allows an unauthenticated malicious user to read arbitrary files on the server by sending a crafted request.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.4
Zohocorp Manageengine Opmanager 12.5
1 Github repository
7.5
CVSSv3
CVE-2018-12997
Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows malicious u...
Zohocorp Manageengine Netflow Analyzer -
Zohocorp Firewall Analyzer -
Zohocorp Manageengine Opmanager -
Zohocorp Manageengine Oputils -
Zohocorp Manageengine Network Configuration Manager -
6.1
CVSSv3
CVE-2018-12998
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote m...
Zohocorp Manageengine Netflow Analyzer -
Zohocorp Firewall Analyzer -
Zohocorp Manageengine Opmanager -
Zohocorp Manageengine Oputils -
Zohocorp Manageengine Network Configuration Manager -
4.3
CVSSv3
CVE-2019-17112
An issue exists in Zoho ManageEngine DataSecurity Plus prior to 5.0.1 5012. An exposed service allows a basic user ("Operator" access level) to access the configuration file of the mail server (except for the password).
Zohocorp Manageengine Datasecurity Plus 4.0
Zohocorp Manageengine Datasecurity Plus 4.1
Zohocorp Manageengine Datasecurity Plus 4.2
Zohocorp Manageengine Datasecurity Plus 4.3
Zohocorp Manageengine Datasecurity Plus 5.0
9.8
CVSSv3
CVE-2018-18949
Zoho ManageEngine OpManager 12.3 prior to 123222 has SQL Injection via Mail Server settings.
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 11.5
6.1
CVSSv3
CVE-2018-18716
Zoho ManageEngine OpManager 12.3 prior to 123219 has a Self XSS Vulnerability.
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 11.5
6.1
CVSSv3
CVE-2018-19288
Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API.
Zohocorp Manageengine Opmanager 11.4
Zohocorp Manageengine Opmanager 11.5
Zohocorp Manageengine Opmanager 12.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »