Filtered by vendor Manageengine
Subscribe
Total
485 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-37922 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another. | |||||
CVE-2021-46165 | 1 Zohocorp | 1 Manageengine Desktop Central | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined. | |||||
CVE-2021-40493 | 1 Zohocorp | 1 Manageengine Opmanager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API. | |||||
CVE-2021-41081 | 1 Zohocorp | 1 Manageengine Network Configuration Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search. | |||||
CVE-2021-43295 | 1 Zohocorp | 1 Manageengine Supportcenter Plus | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to Reflected XSS in the Accounts module. | |||||
CVE-2021-37539 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution. | |||||
CVE-2020-24743 | 1 Zohocorp | 1 Manageengine Applications Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter. | |||||
CVE-2021-37920 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | |||||
CVE-2021-42002 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution. | |||||
CVE-2021-43319 | 1 Zohocorp | 1 Manageengine Network Configuration Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection due to improper validation in the Ping functionality. | |||||
CVE-2021-41075 | 1 Zohocorp | 1 Manageengine Opmanager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API. | |||||
CVE-2021-44077 | 1 Zohocorp | 3 Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp, Manageengine Supportcenter Plus | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration. | |||||
CVE-2021-43294 | 1 Zohocorp | 1 Manageengine Supportcenter Plus | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to Reflected XSS in the Products module. | |||||
CVE-2022-23863 | 1 Zohocorp | 1 Manageengine Desktop Central | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any user's login password. | |||||
CVE-2021-37923 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | |||||
CVE-2021-37924 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | |||||
CVE-2021-44652 | 1 Zohocorp | 1 Manageengine O365 Manager Plus | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Zoho ManageEngine O365 Manager Plus before Build 4416 allows remote code execution via BCP file overwrite through the ChangeDBAPI component. | |||||
CVE-2021-37919 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | |||||
CVE-2021-37741 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities. | |||||
CVE-2021-35512 | 1 Zohocorp | 1 Manageengine Applications Manager | 2023-12-10 | 6.4 MEDIUM | 6.5 MEDIUM |
An SSRF issue was discovered in Zoho ManageEngine Applications Manager build 15200. |