Vulnerabilities > Manageengine > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-21 | CVE-2021-28960 | Command Injection vulnerability in Manageengine Desktop Central 10.0.282/5.65 Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of an input command in on-demand operations. | 9.8 |
| 2018-06-05 | CVE-2016-9488 | SQL Injection vulnerability in Manageengine Applications Manager 12.0/13.0 ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from remote SQL injection vulnerabilities. | 9.8 |
| 2017-09-28 | CVE-2015-8249 | Unrestricted Upload of File with Dangerous Type vulnerability in Manageengine Desktop Central 9.0 The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter. | 9.8 |