Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-12998
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote m...
Zohocorp Manageengine Netflow Analyzer -
Zohocorp Firewall Analyzer -
Zohocorp Manageengine Opmanager -
Zohocorp Manageengine Oputils -
Zohocorp Manageengine Network Configuration Manager -
9.8
CVSSv3
CVE-2022-40300
Zoho ManageEngine Password Manager Pro through 12120 prior to 12121, PAM360 through 5550 prior to 5600, and Access Manager Plus through 4304 prior to 4305 have multiple SQL injection vulnerabilities.
Zohocorp Manageengine Password Manager Pro 5.4
Zohocorp Manageengine Password Manager Pro 6.3
Zohocorp Manageengine Password Manager Pro 5.3
Zohocorp Manageengine Password Manager Pro 6.4
Zohocorp Manageengine Password Manager Pro 6.9
Zohocorp Manageengine Password Manager Pro 6.0
Zohocorp Manageengine Password Manager Pro 6.2
Zohocorp Manageengine Password Manager Pro 6.5
Zohocorp Manageengine Password Manager Pro 5.0
Zohocorp Manageengine Password Manager Pro 5.1
Zohocorp Manageengine Password Manager Pro 5.2
Zohocorp Manageengine Password Manager Pro 6.1
Zohocorp Manageengine Password Manager Pro 6.6
Zohocorp Manageengine Password Manager Pro 6.7
Zohocorp Manageengine Password Manager Pro 6.8
Zohocorp Manageengine Password Manager Pro 7.0
Zohocorp Manageengine Access Manager Plus 4.1
Zohocorp Manageengine Access Manager Plus 4.2
Zohocorp Manageengine Password Manager Pro 10.0
Zohocorp Manageengine Password Manager Pro 10.1
Zohocorp Manageengine Password Manager Pro 10.2
Zohocorp Manageengine Password Manager Pro 10.3
9.8
CVSSv3
CVE-2021-28958
Zoho ManageEngine ADSelfService Plus through 6101 is vulnerable to unauthenticated Remote Code Execution while changing the password.
Zohocorp Manageengine Adselfservice Plus 5.7
Zohocorp Manageengine Adselfservice Plus 5.0
Zohocorp Manageengine Adselfservice Plus 5.1
Zohocorp Manageengine Adselfservice Plus 5.2
Zohocorp Manageengine Adselfservice Plus 5.3
Zohocorp Manageengine Adselfservice Plus 4.5
Zohocorp Manageengine Adselfservice Plus 5.4
Zohocorp Manageengine Adselfservice Plus 5.5
Zohocorp Manageengine Adselfservice Plus 5.6
Zohocorp Manageengine Adselfservice Plus 5.8
Zohocorp Manageengine Adselfservice Plus 5.0.6
Zohocorp Manageengine Adselfservice Plus 6.0
Zohocorp Manageengine Adselfservice Plus 6.1
9.8
CVSSv3
CVE-2021-40539
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
Zohocorp Manageengine Adselfservice Plus 5.7
Zohocorp Manageengine Adselfservice Plus 5.0
Zohocorp Manageengine Adselfservice Plus 5.1
Zohocorp Manageengine Adselfservice Plus 5.2
Zohocorp Manageengine Adselfservice Plus 5.3
Zohocorp Manageengine Adselfservice Plus 5.4
Zohocorp Manageengine Adselfservice Plus 5.5
Zohocorp Manageengine Adselfservice Plus 5.6
Zohocorp Manageengine Adselfservice Plus 4.5
Zohocorp Manageengine Adselfservice Plus 5.8
Zohocorp Manageengine Adselfservice Plus 6.0
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus 5.0.6
2 Github repositories
4 Articles
9.8
CVSSv3
CVE-2022-29081
Zoho ManageEngine Access Manager Plus prior to 4302, Password Manager Pro prior to 12007, and PAM360 prior to 5401 are vulnerable to access-control bypass on a few Rest API URLs (for SSOutAction. SSLAction. LicenseMgr. GetProductDetails. GetDashboard. FetchEvents. and Synchronize...
Zohocorp Manageengine Password Manager Pro 10.4
Zohocorp Manageengine Password Manager Pro 10.3
Zohocorp Manageengine Password Manager Pro 10.2
Zohocorp Manageengine Password Manager Pro 10.1
Zohocorp Manageengine Password Manager Pro 11.1
Zohocorp Manageengine Access Manager Plus 4.2
Zohocorp Manageengine Pam360 5.3
Zohocorp Manageengine Pam360 5.2
Zohocorp Manageengine Pam360 5.1
Zohocorp Manageengine Pam360 5.0
Zohocorp Manageengine Pam360 4.5
Zohocorp Manageengine Pam360 4.1
Zohocorp Manageengine Pam360 4.0
Zohocorp Manageengine Access Manager Plus 4.1
Zohocorp Manageengine Pam360 5.4
Zohocorp Manageengine Password Manager Pro 12.0
Zohocorp Manageengine Password Manager Pro 11.3
Zohocorp Manageengine Password Manager Pro 11.2
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus 4.0
4.9
CVSSv3
CVE-2022-40771
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to an XML External Entity attack that leads to Information Disclosure.
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus 14.0
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Servicedesk Plus Msp 13.0
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Assetexplorer
6.5
CVSSv3
CVE-2022-40772
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus 14.0
Zohocorp Manageengine Servicedesk Plus Msp 10.6
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Assetexplorer
6.5
CVSSv3
CVE-2023-26600
ManageEngine ServiceDesk Plus through 14104, ServiceDesk Plus MSP through 14000, Support Center Plus through 14000, and Asset Explorer through 6987 allow privilege escalation via query reports.
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Assetexplorer
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Servicedesk Plus Msp 13.0
Zohocorp Manageengine Servicedesk Plus 14.1
Zohocorp Manageengine Servicedesk Plus
7.5
CVSSv3
CVE-2023-26601
Zoho ManageEngine ServiceDesk Plus through 14104, Asset Explorer through 6987, ServiceDesk Plus MSP prior to 14000, and Support Center Plus prior to 14000 allow Denial-of-Service (DoS).
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Assetexplorer
Zohocorp Manageengine Servicedesk Plus 14.1
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus Msp 14.0
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 14.0
Zohocorp Manageengine Supportcenter Plus
7.5
CVSSv3
CVE-2022-35403
Zoho ManageEngine ServiceDesk Plus prior to 13008, ServiceDesk Plus MSP prior to 10606, and SupportCenter Plus prior to 11022 are affected by an unauthenticated local file disclosure vulnerability via ticket-creation email. (This also affects Asset Explorer prior to 6977 with aut...
Zohocorp Manageengine Servicedesk Plus 13.0
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus Msp 10.6
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Assetexplorer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »