zohocorp
559 tracked vulnerabilities.
CVE-2020-21641
HIGH
Zoho ManageEngine Analytics Plus < 4.3.5 - XML External Entity Injection via Crafted License File
Aug 15, 2022
CVSS 7.5
EPSS 0.05
CVE-2020-28679
HIGH
Zoho ManageEngine Applications Manager < 14550 - Authenticated SQL Injection via showReports Module
Jan 10, 2022
CVSS 8.8
EPSS 0.03
CVE-2020-24743
CRITICAL
Zoho ManageEngine Applications Manager <14550 - Privilege Escalation
Nov 03, 2021
CVSS 9.8
EPSS 0.21
CVE-2020-9367
HIGH
Zoho ManageEngine Desktop Central MSP build 10.0.486 - DLL Hijacking via CSUNSAPI.dll
Mar 18, 2021
CVSS 7.8
EPSS 0.00
CVE-2020-35682
HIGH
ManageEngine ServiceDesk Plus < 11134 - Authentication Bypass via SAML Login
Mar 13, 2021
CVSS 8.8
EPSS 0.02
CVE-2020-35594
MEDIUM
ManageEngine ADManager Plus < 7066 - Cross-Site Scripting
Mar 05, 2021
CVSS 6.1
EPSS 0.04
CVE-2020-28050
CRITICAL
ManageEngine Desktop Central < 10.0.647 - Improper Authentication via Shared Agent Secret
Mar 05, 2021
CVSS 9.1
EPSS 0.02
CVE-2020-29658
CRITICAL
Zoho ManageEngine Application Control Plus <100523 - Privilege Esca...
Mar 05, 2021
CVSS 9.8
EPSS 0.15
CVE-2020-35765
HIGH
ManageEngine Applications Manager <= 14930 - Authenticated SQL Injection via showresource.do resourceid Parameter
Feb 05, 2021
CVSS 8.8
EPSS 0.01
CVE-2020-28653
CRITICAL
NUCLEI
ManageEngine OpManager < 125203 - Remote Code Execution via Smart Update Manager Servlet
Feb 03, 2021
CVSS 9.8
EPSS 0.93
CVE-2020-27733
HIGH
Zoho ManageEngine Applications Manager < 14 build 14880 - Authenticated SQL Injection via Alarmview Request
Jan 19, 2021
CVSS 8.8
EPSS 0.04
CVE-2020-27995
CRITICAL
Zoho ManageEngine Applications Manager < 14560 - SQL Injection via MyPage.do template_resid Parameter
Oct 29, 2020
CVSS 9.8
EPSS 0.36
CVE-2020-10816
HIGH
Zoho ManageEngine Apps Mgr <14780 - RCE
Oct 08, 2020
CVSS 7.5
EPSS 0.25
CVE-2020-16267
HIGH
Zoho ManageEngine Applications Manager <= 14740 - Authenticated SQL Injection via RCA Module
Oct 06, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-15927
HIGH
ManageEngine Applications Manager <= 14740 - Authenticated SQL Injection via SAP Module JSP Request
Oct 06, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-24397
HIGH
Zoho ManageEngine Desktop Central <10.0.0.SP-534 - RCE
Oct 02, 2020
CVSS 7.2
EPSS 0.17
CVE-2020-15589
HIGH
ManageEngine Desktop Central 10.0.552.W & Remote Access Plus < 10.1.2119.1 - RCE via TLS Bypass
Oct 02, 2020
CVSS 8.1
EPSS 0.04
CVE-2020-15533
CRITICAL
Zoho ManageEngine Application Manager < 14.6 - Unauthenticated SQL Injection in AlarmEscalation Module
Oct 01, 2020
CVSS 9.8
EPSS 0.11
CVE-2020-15595
MEDIUM
Zoho Application Control Plus <10.0.511 - Info Disclosure
Sep 30, 2020
CVSS 4.3
EPSS 0.02
CVE-2020-15594
MEDIUM
Zoho Application Control Plus < 10.0.511 - Server-Side Request Forgery via Mail Gateway Configuration
Sep 30, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-15521
MEDIUM
Zoho ManageEngine Applications Manager < 14.0 - Cross-Site Scripting in jsp/header.jsp
Sep 25, 2020
CVSS 6.1
EPSS 0.07
CVE-2020-15394
CRITICAL
Zoho ManageEngine Applications Manager <build 14740 - RCE
Sep 25, 2020
CVSS 9.8
EPSS 0.31
CVE-2020-14008
HIGH
ManageEngine Applications Manager <= 14710 - Authenticated Remote Code Execution via JAR Upload
Sep 04, 2020
CVSS 7.2
EPSS 0.44
CVE-2020-24786
CRITICAL
ManageEngine ADSelfService Plus < 5817 - Authentication Bypass via UpdateProductDetails Servlet
Aug 31, 2020
CVSS 9.8
EPSS 0.07
CVE-2020-11552
CRITICAL
Zohocorp ManageEngine ADSelfService Plus < 6003 - Privilege Escalation
Aug 11, 2020
CVSS 9.8
EPSS 0.05
Products
manageengine_applications_manager 56
manageengine_opmanager 56
manageengine_admanager_plus 53
manageengine_adaudit_plus 52
manageengine_adselfservice_plus 51
manageengine_servicedesk_plus 50
manageengine_desktop_central 48
manageengine_supportcenter_plus 31
manageengine_exchange_reporter_plus 28
manageengine_netflow_analyzer 28
manageengine_assetexplorer 26
manageengine_servicedesk_plus_msp 26
manageengine_password_manager_pro 22
manageengine_eventlog_analyzer 19
manageengine_network_configuration_manager 14
manageengine_pam360 14
manageengine_remote_access_plus 14
manageengine_firewall_analyzer 12
manageengine_access_manager_plus 11
manageengine_it360 9
manageengine_log360 9
ManageEngine Exchange Reporter Plus 8
manageengine_endpoint_central 8
manageengine_oputils 8
manageengine_analytics_plus 7
manageengine_datasecurity_plus 6
manageengine_opmanager_msp 6
manageengine_opmanager_plus 6
manageengine_cloud_security_plus 5
manageengine_key_manager_plus 5
Quick Filters