Vulnerabilities > Manageengine > Desktop Central > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-21 | CVE-2021-28960 | Command Injection vulnerability in Manageengine Desktop Central 10.0.282/5.65 Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of an input command in on-demand operations. | 9.8 |
| 2017-09-28 | CVE-2015-8249 | Unrestricted Upload of File with Dangerous Type vulnerability in Manageengine Desktop Central 9.0 The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter. | 9.8 |