Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2022-27908
Zoho ManageEngine OpManager prior to 125588 (and prior to 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
668
VMScore
CVE-2022-29535
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
383
VMScore
CVE-2021-40176
Zoho ManageEngine Log360 before Build 5225 allows stored XSS.
Zohocorp Manageengine Log360
Zohocorp Manageengine Log360 5.2
668
VMScore
CVE-2021-40177
Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite.
Zohocorp Manageengine Log360
Zohocorp Manageengine Log360 5.2
383
VMScore
CVE-2021-40178
Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGO_PATH key value in the logon settings.
Zohocorp Manageengine Log360
Zohocorp Manageengine Log360 5.2
668
VMScore
CVE-2019-17602
An issue exists in Zoho ManageEngine OpManager prior to 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to SQL injection. Depending on the configuration, this vulnerability could be exploited unauthenticated or authenticated.
Zohocorp Manageengine Opmanager 12.4
Zohocorp Manageengine Opmanager
445
VMScore
CVE-2020-11527
In Zoho ManageEngine OpManager prior to 12.4.181, an unauthenticated remote attacker can send a specially crafted URI to read arbitrary files.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.4
668
VMScore
CVE-2021-41075
The NetFlow Analyzer in Zoho ManageEngine OpManger prior to 125455 is vulnerable to SQL Injection in the Attacks Module API.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
605
VMScore
CVE-2021-40172
Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings.
Zohocorp Manageengine Log360
Zohocorp Manageengine Log360 5.2
668
VMScore
CVE-2021-41288
Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »