zohocorp

559 tracked vulnerabilities.

CVE-2019-12595 MEDIUM
ManageEngine AssetExplorer - Stored Cross-Site Scripting via RCSettings.do rdsName Parameter
Jul 11, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-12540 MEDIUM
Zoho ManageEngine ServiceDesk Plus 10.5 - Stored Cross-Site Scripting via WorkOrder.do Search Field
Jul 11, 2019
CVSS 6.1
EPSS 0.03
CVE-2019-12539 MEDIUM
Zoho ManageEngine ServiceDesk Plus - Stored Cross-Site Scripting via Purchase Search Field
Jul 11, 2019
CVSS 6.1
EPSS 0.03
CVE-2019-12537 MEDIUM
ManageEngine AssetExplorer - Stored Cross-Site Scripting via SearchN.do Search Field
Jul 11, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-12133 HIGH
Multiple Zoho ManageEngine products - Privilege Escalation
Jun 18, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-12476 MEDIUM
ManageEngine ADSelfService Plus < 5.0.6 - Authentication Bypass via Password Reset Keyboard Input Sequence
Jun 17, 2019
CVSS 6.8
EPSS 0.01
CVE-2019-12196 CRITICAL
Zoho ManageEngine NetFlow Analyzer 12.3 - SQL Injection
Jun 05, 2019
CVSS 9.8
EPSS 0.24
CVE-2019-12543 MEDIUM
Zoho ManageEngine ServiceDesk Plus 9.3 - Stored Cross-Site Scripting via PurchaseRequest.do serviceRequestId Parameter
Jun 05, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-12542 MEDIUM
ManageEngine ServiceDesk Plus 9.3 - Cross-Site Scripting via SearchN.do userConfigID Parameter
Jun 05, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-12541 MEDIUM
ManageEngine ServiceDesk Plus 9.3 - Stored Cross-Site Scripting via SolutionSearch.do searchText Parameter
Jun 05, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-12538 MEDIUM
Zoho ManageEngine ServiceDesk Plus 9.3 - Cross-Site Scripting via SiteLookup.do Search Field
Jun 05, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-8346 MEDIUM
ManageEngine ADSelfService Plus 5.x-5704 - Unauthenticated Stored Cross-Site Scripting via adscsrf Parameter
May 24, 2019
CVSS 6.1
EPSS 0.03
CVE-2019-12252 MEDIUM
Zoho ManageEngine ServiceDesk Plus <10.5 - Info Disclosure
May 21, 2019
CVSS 6.5
EPSS 0.07
CVE-2019-12189 MEDIUM
Zoho ManageEngine ServiceDesk Plus 9.3 - XSS
May 21, 2019
CVSS 6.1
EPSS 0.07
CVE-2019-8929 MEDIUM
ManageEngine Netflow Analyzer 7.0.0.2 - Cross-Site Scripting via Device Selection
May 17, 2019
CVSS 6.1
EPSS 0.03
CVE-2019-8928 MEDIUM
ManageEngine Netflow Analyzer Professional 7.0.0.2 - Stored Cross-Site Scripting via User Management Form Parameters
May 17, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-8927 MEDIUM
ManageEngine Netflow Analyzer Professional 7.0.0.2 - Stored Cross-Site Scripting via Schedule Configuration Parameters
May 17, 2019
CVSS 6.1
EPSS 0.03
CVE-2019-8926 MEDIUM
ManageEngine Netflow Analyzer Professional 7.0.0.2 - Cross-Site Scripting via Administration Zone Popup Parameters
May 17, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-8925 MEDIUM
ManageEngine Netflow Analyzer 7.0.0.2 Authenticated Path Traversal via CReportPDFServlet
May 17, 2019
CVSS 4.3
EPSS 0.09
CVE-2019-7427 MEDIUM
Zoho ManageEngine Netflow Analyzer Pro <7.0.0.2 - XSS
May 07, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-7426 MEDIUM
Zoho ManageEngine Netflow Analyzer Professional <7.0.0.2 - XSS
May 07, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-11678 CRITICAL
Zoho ManageEngine Firewall Analyzer <12.3 - SQL Injection
May 02, 2019
CVSS 9.8
EPSS 0.13
CVE-2019-11677 CRITICAL
Zoho ManageEngine Firewall Analyzer <12.3 Build 123224 - XXE Injection
May 02, 2019
CVSS 9.8
EPSS 0.02
CVE-2019-11676 MEDIUM
Zoho ManageEngine Firewall Analyzer <12.3 - XSS
May 02, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-11511 MEDIUM
Zoho ManageEngine ADSelfService Plus <build 5708 - XSS
Apr 25, 2019
CVSS 6.1
EPSS 0.03
Products
manageengine_applications_manager 56 manageengine_opmanager 56 manageengine_admanager_plus 53 manageengine_adaudit_plus 52 manageengine_adselfservice_plus 51 manageengine_servicedesk_plus 50 manageengine_desktop_central 48 manageengine_supportcenter_plus 31 manageengine_exchange_reporter_plus 28 manageengine_netflow_analyzer 28 manageengine_assetexplorer 26 manageengine_servicedesk_plus_msp 26 manageengine_password_manager_pro 22 manageengine_eventlog_analyzer 19 manageengine_network_configuration_manager 14 manageengine_pam360 14 manageengine_remote_access_plus 14 manageengine_firewall_analyzer 12 manageengine_access_manager_plus 11 manageengine_it360 9 manageengine_log360 9 ManageEngine Exchange Reporter Plus 8 manageengine_endpoint_central 8 manageengine_oputils 8 manageengine_analytics_plus 7 manageengine_datasecurity_plus 6 manageengine_opmanager_msp 6 manageengine_opmanager_plus 6 manageengine_cloud_security_plus 5 manageengine_key_manager_plus 5
Quick Filters
Critical CVEs With Exploits In CISA KEV