Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine applications manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-35512
An SSRF issue exists in Zoho ManageEngine Applications Manager build 15200.
Zohocorp Manageengine Applications Manager 15.2
6.1
CVSSv3
CVE-2023-38333
Zoho ManageEngine Applications Manager through 16530 allows reflected XSS while logged in.
Zohocorp Manageengine Applications Manager 16.5
Zohocorp Manageengine Applications Manager
6.1
CVSSv3
CVE-2023-29442
Zoho ManageEngine Applications Manager prior to 16400 allows proxy.html DOM XSS.
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 16.3
6.1
CVSSv3
CVE-2023-28341
Stored Cross site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager through 16340 allows an unauthenticated user to inject malicious javascript on the incorrect login details page.
Zohocorp Manageengine Applications Manager 16.3
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 15.9
6.1
CVSSv3
CVE-2020-15521
Zoho ManageEngine Applications Manager prior to 14 build 14730 has no protection against jsp/header.jsp Cross-site Scripting (XSS) .
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 14.0
6.1
CVSSv3
CVE-2017-11739
In Zoho ManageEngine Application Manager 13.1 Build 13100, an authenticated user, with administrative privileges, has the ability to add a widget on any dashboard. This widget can be a "Utility Widget" with a "Custom HTML or Text" field. Once this widget is cr...
Zohocorp Manageengine Applications Manager 13.1
6.1
CVSSv3
CVE-2018-15169
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager 13 before build 13820 allows remote malicious users to inject arbitrary web script or HTML via the /deleteMO.do method parameter.
Zohocorp Manageengine Applications Manager
6.1
CVSSv3
CVE-2018-12996
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager prior to 13 (Build 13800) allows remote malicious users to inject arbitrary web script or HTML via the parameter 'method' to GraphicalView.do.
Zohocorp Manageengine Applications Manager
6.1
CVSSv3
CVE-2016-9490
ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from a Reflected Cross-Site Scripting vulnerability. Applications Manager is prone to a Cross-Site Scripting vulnerability in parameter LIMIT, in URL path /DiagAlertAction.do?REQTYPE=AJAX&LIMIT=123...
Manageengine Applications Manager 13.0
Manageengine Applications Manager 12.0
5.4
CVSSv3
CVE-2021-31813
Zoho ManageEngine Applications Manager prior to 15130 is vulnerable to Stored XSS while importing malicious user details (e.g., a crafted user name) from AD.
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine Applications Manager 15.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »