Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-27908
Zoho ManageEngine OpManager prior to 125588 (and prior to 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
8.8
CVSSv3
CVE-2021-40172
Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings.
Zohocorp Manageengine Log360
Zohocorp Manageengine Log360 5.2
6.1
CVSSv3
CVE-2021-40176
Zoho ManageEngine Log360 before Build 5225 allows stored XSS.
Zohocorp Manageengine Log360
Zohocorp Manageengine Log360 5.2
9.8
CVSSv3
CVE-2021-40177
Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite.
Zohocorp Manageengine Log360
Zohocorp Manageengine Log360 5.2
7.5
CVSSv3
CVE-2020-13818
In Zoho ManageEngine OpManager prior to 125144, when <cachestart> is used, directory traversal validation can be bypassed.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
NA
CVE-2014-6035
Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine OpManager 11.4, 11.3, and previous versions allows remote malicious users to write and execute arbitrary files via a .. (dot dot) in the FILENAME parameter.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 11.4
1 EDB exploit
7.5
CVSSv3
CVE-2021-31160
Zoho ManageEngine ServiceDesk Plus MSP prior to 10521 allows an malicious user to access internal data.
Zohocorp Manageengine Servicedesk Plus 10.5
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Servicedesk Plus Msp 10.5
9.8
CVSSv3
CVE-2021-41080
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Network Configuration Manager 12.3
9.8
CVSSv3
CVE-2021-41081
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Network Configuration Manager 12.3
1 Github repository
6.5
CVSSv3
CVE-2022-24447
An issue exists in Zoho ManageEngine Key Manager Plus prior to 6200. A service exposed by the application allows a user, with the level Operator, to access stored SSL certificates and associated key pairs during export.
Zohocorp Manageengine Key Manager Plus 6.0
Zohocorp Manageengine Key Manager Plus
Zohocorp Manageengine Key Manager Plus 6.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »