Vulnerabilities > Zoho
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-23 | CVE-2024-5466 | Code Injection vulnerability in multiple products Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option. | 8.8 |
| 2024-07-09 | CVE-2024-37225 | SQL Injection vulnerability in Zoho Marketing Automation Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zoho Marketing Automation.This issue affects Zoho Marketing Automation: from n/a through 1.2.7. | 8.8 |
| 2021-11-17 | CVE-2021-42956 | Improper Privilege Management vulnerability in Zoho Manageengine Remote Access Plus Server 10.1.2121.1/10.1.2132 Zoho Remote Access Plus Server Windows Desktop Binary fixed in 10.1.2132.6 is affected by a sensitive information disclosure vulnerability. | 8.8 |
| 2019-11-26 | CVE-2019-19306 | Cross-site Scripting vulnerability in Zoho Lead Magnet 1.6.9.1 The Zoho CRM Lead Magnet plugin 1.6.9.1 for WordPress allows XSS via module, EditShortcode, or LayoutName. | 5.4 |
| 2019-08-27 | CVE-2019-15645 | Cross-Site Request Forgery (CSRF) vulnerability in Zoho Salesiq The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF. | 8.8 |
| 2019-08-27 | CVE-2019-15644 | Cross-site Scripting vulnerability in Zoho Salesiq The zoho-salesiq plugin before 1.0.9 for WordPress has stored XSS. | 6.1 |
| 2019-07-05 | CVE-2019-5963 | Cross-Site Request Forgery (CSRF) vulnerability in Zoho Salesiq Cross-site request forgery (CSRF) vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2019-07-05 | CVE-2019-5962 | Cross-site Scripting vulnerability in Zoho Salesiq Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |