Vulnerabilities > Zohocorp

DATE CVE VULNERABILITY TITLE RISK
2021-10-13 CVE-2021-40493 SQL Injection vulnerability in Zohocorp Manageengine Opmanager
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module.
network
low complexity
zohocorp CWE-89
7.5
2021-10-13 CVE-2021-41075 SQL Injection vulnerability in Zohocorp Manageengine Opmanager
The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.
network
low complexity
zohocorp CWE-89
7.5
2021-10-13 CVE-2021-20130 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.
network
low complexity
zohocorp CWE-434
6.5
2021-10-13 CVE-2021-20131 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.
network
low complexity
zohocorp CWE-434
6.5
2021-10-07 CVE-2021-38298 XXE vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE.
network
low complexity
zohocorp CWE-611
7.5
2021-10-07 CVE-2021-37762 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution.
network
low complexity
zohocorp CWE-434
7.5
2021-10-07 CVE-2021-37918 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
network
low complexity
zohocorp CWE-434
7.5
2021-10-07 CVE-2021-37919 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
network
low complexity
zohocorp CWE-434
7.5
2021-10-07 CVE-2021-37920 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
network
low complexity
zohocorp CWE-434
7.5
2021-10-07 CVE-2021-37921 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
network
low complexity
zohocorp CWE-434
7.5