Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus prior to 4350 allows remote malicious users to run arbitrary code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zohocorp manageengine analytics plus 2.9 |
||
zohocorp manageengine analytics plus 3.0 |
||
zohocorp manageengine analytics plus 3.1 |
||
zohocorp manageengine analytics plus 3.2 |
||
zohocorp manageengine analytics plus 3.3 |
||
zohocorp manageengine analytics plus 3.4 |
||
zohocorp manageengine analytics plus 3.5 |
||
zohocorp manageengine analytics plus 3.6 |
||
zohocorp manageengine analytics plus 3.7 |
||
zohocorp manageengine analytics plus 3.8 |
||
zohocorp manageengine analytics plus 3.9 |
||
zohocorp manageengine analytics plus 4.0 |
||
zohocorp manageengine analytics plus 4.1 |
||
zohocorp manageengine analytics plus 4.2 |
||
zohocorp manageengine analytics plus 4.3 |