Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine applications manager vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-27733
Zoho ManageEngine Applications Manager prior to 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.
Zohocorp Manageengine Applications Manager 14.0
8.8
CVSSv3
CVE-2017-16542
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
Zohocorp Manageengine Applications Manager 13.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-16543
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.
Zohocorp Manageengine Applications Manager 13.0
1 EDB exploit
7.5
CVSSv3
CVE-2020-10816
Zoho ManageEngine Applications Manager 14780 and before allows a remote unauthenticated malicious user to register managed servers via AAMRequestProcessor servlet.
Zohocorp Manageengine Applications Manager 14.7
8.8
CVSSv3
CVE-2019-19475
An issue exists in ManageEngine Applications Manager 14 with Build 14360. Integrated PostgreSQL which is built-in in Applications Manager is prone to attack due to lack of file permission security. The malicious users who are in “Authenticated Users” group can exploit...
Zohocorp Manageengine Applications Manager 14.3
8.1
CVSSv3
CVE-2018-16364
A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows for remote code execution on Windows via a payload on an SMB share.
Zohocorp Manageengine Applications Manager 13.7
5.3
CVSSv3
CVE-2019-19800
Zoho ManageEngine Applications Manager 14 prior to 14520 allows a remote unauthenticated malicious user to disclose OS file names via FailOverHelperServlet.
Zohocorp Manageengine Applications Manager 14.0
6.5
CVSSv3
CVE-2021-35512
An SSRF issue exists in Zoho ManageEngine Applications Manager build 15200.
Zohocorp Manageengine Applications Manager 15.2
9.8
CVSSv3
CVE-2017-16846
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /manageApplications.do?method=AddSubGroup haid parameter.
Zohocorp Manageengine Applications Manager 13.0
9.8
CVSSv3
CVE-2017-16847
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a showPlasmaView action.
Zohocorp Manageengine Applications Manager 13.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »