zohocorp

559 tracked vulnerabilities.

CVE-2021-20136 CRITICAL
ManageEngine Log360 < 5235 - Unauthenticated Database Configuration Overwrite and Remote Code Execution
Nov 01, 2021
CVSS 9.8
EPSS 0.31
CVE-2021-35512 MEDIUM
Zoho ManageEngine Applications Manager <15200 - SSRF
Oct 21, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-41075 CRITICAL
Zoho ManageEngine OpManger <125455 - SQL Injection
Oct 13, 2021
CVSS 9.8
EPSS 0.26
CVE-2021-40493 CRITICAL
Zoho ManageEngine OpManager <125437 - SQL Injection
Oct 13, 2021
CVSS 9.8
EPSS 0.39
CVE-2021-20131 HIGH
ManageEngine ADManager Plus < 7.1 - Authenticated Remote Code Execution via Personalization File Upload
Oct 13, 2021
CVSS 8.8
EPSS 0.48
CVE-2021-20130 HIGH
ManageEngine ADManager Plus < 7.1 - Authenticated Remote Code Execution via PasswordExpiry File Upload
Oct 13, 2021
CVSS 8.8
EPSS 0.48
CVE-2021-38298 CRITICAL
Zoho ManageEngine ADManager Plus <7110 - Blind XSS
Oct 07, 2021
CVSS 9.8
EPSS 0.06
CVE-2021-37931 CRITICAL
Zoho ManageEngine ADManager Plus <= 7110 - Unrestricted File Upload leading to Remote Code Execution
Oct 07, 2021
CVSS 9.8
EPSS 0.37
CVE-2021-37930 CRITICAL
Zoho ManageEngine ADManager Plus <= 7110 - Remote Code Execution via Unrestricted File Upload
Oct 07, 2021
CVSS 9.8
EPSS 0.37
CVE-2021-37929 CRITICAL
Zoho ManageEngine ADManager Plus <= 7110 - Remote Code Execution via Unrestricted File Upload
Oct 07, 2021
CVSS 9.8
EPSS 0.37
CVE-2021-37928 CRITICAL
ManageEngine ADManager Plus <= 7110 - Remote Code Execution via Unrestricted File Upload
Oct 07, 2021
CVSS 9.8
EPSS 0.37
CVE-2021-37926 CRITICAL
Zoho ManageEngine ADManager Plus <= 7110 - Unrestricted File Upload Leading to Remote Code Execution
Oct 07, 2021
CVSS 9.8
EPSS 0.44
CVE-2021-37924 CRITICAL
Zoho ManageEngine ADManager Plus <= 7110 - Remote Code Execution via Unrestricted File Upload
Oct 07, 2021
CVSS 9.8
EPSS 0.37
CVE-2021-37923 CRITICAL
Zoho ManageEngine ADManager Plus <= 7110 - Remote Code Execution via Unrestricted File Upload
Oct 07, 2021
CVSS 9.8
EPSS 0.37
CVE-2021-37922 MEDIUM
ManageEngine ADManager Plus <= 7110 - Path Traversal
Oct 07, 2021
CVSS 5.3
EPSS 0.26
CVE-2021-37921 CRITICAL
ManageEngine ADManager Plus <= 7110 - Unrestricted File Upload leading to Remote Code Execution
Oct 07, 2021
CVSS 9.8
EPSS 0.37
CVE-2021-37920 CRITICAL
Zoho ManageEngine ADManager Plus <= 7110 - Remote Code Execution via Unrestricted File Upload
Oct 07, 2021
CVSS 9.8
EPSS 0.37
CVE-2021-37919 CRITICAL
Zoho ManageEngine ADManager Plus < 7.1 - Remote Code Execution via Unrestricted File Upload
Oct 07, 2021
CVSS 9.8
EPSS 0.37
CVE-2021-37918 CRITICAL
ManageEngine ADManager Plus <= 7110 - Unrestricted File Upload Leading to Remote Code Execution
Oct 07, 2021
CVSS 9.8
EPSS 0.44
CVE-2021-37762 CRITICAL
ManageEngine ADManager Plus <= 7110 - Remote Code Execution via Unrestricted File Upload
Oct 07, 2021
CVSS 9.8
EPSS 0.37
CVE-2021-33849 MEDIUM
Zoho CRM Lead Magnet 1.7.2.4 - Stored Cross-Site Scripting via Form Manipulation
Oct 05, 2021
CVSS 5.4
EPSS 0.02
CVE-2021-41288 CRITICAL
Zoho ManageEngine OpManager <125466 - SQL Injection
Sep 30, 2021
CVSS 9.8
EPSS 0.32
CVE-2021-41829 HIGH
Zoho ManageEngine Remote Access Plus <10.1.2121.1 - RCE
Sep 30, 2021
CVSS 7.5
EPSS 0.06
CVE-2021-41828 HIGH
Zoho ManageEngine Remote Access Plus < 10.1.2121.1 - Use of Hard-coded Credentials in resetPWD.xml
Sep 30, 2021
CVSS 7.5
EPSS 0.11
CVE-2021-41827 HIGH
Zoho ManageEngine Remote Access Plus < 10.1.2121.1 - Hardcoded Credentials in DCBackupRestore JAR Archive
Sep 30, 2021
CVSS 7.5
EPSS 0.11
Products
manageengine_applications_manager 56 manageengine_opmanager 56 manageengine_admanager_plus 53 manageengine_adaudit_plus 52 manageengine_adselfservice_plus 51 manageengine_servicedesk_plus 50 manageengine_desktop_central 48 manageengine_supportcenter_plus 31 manageengine_exchange_reporter_plus 28 manageengine_netflow_analyzer 28 manageengine_assetexplorer 26 manageengine_servicedesk_plus_msp 26 manageengine_password_manager_pro 22 manageengine_eventlog_analyzer 19 manageengine_network_configuration_manager 14 manageengine_pam360 14 manageengine_remote_access_plus 14 manageengine_firewall_analyzer 12 manageengine_access_manager_plus 11 manageengine_it360 9 manageengine_log360 9 ManageEngine Exchange Reporter Plus 8 manageengine_endpoint_central 8 manageengine_oputils 8 manageengine_analytics_plus 7 manageengine_datasecurity_plus 6 manageengine_opmanager_msp 6 manageengine_opmanager_plus 6 manageengine_cloud_security_plus 5 manageengine_key_manager_plus 5
Quick Filters
Critical CVEs With Exploits In CISA KEV