Vulnerabilities > Zohocorp
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-30 | CVE-2024-38868 | Incorrect Authorization vulnerability in Zohocorp Manageengine Endpoint Central Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15 | 8.3 |
2024-08-30 | CVE-2024-6204 | SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module. | 8.1 |
2024-08-28 | CVE-2024-5546 | SQL Injection vulnerability in Zohocorp Manageengine Pam360 Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option. | 8.8 |
2024-08-23 | CVE-2024-38869 | Cross-site Scripting vulnerability in Zohocorp products Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25. | 5.4 |
2024-08-23 | CVE-2024-41150 | Cross-site Scripting vulnerability in Zohocorp products An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800. | 6.1 |
2024-08-23 | CVE-2024-36514 | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option. | 8.8 |
2024-08-23 | CVE-2024-36515 | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard. | 8.8 |
2024-08-23 | CVE-2024-36516 | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard. | 8.8 |
2024-08-23 | CVE-2024-36517 | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module. | 8.8 |
2024-08-23 | CVE-2024-5466 | Code Injection vulnerability in multiple products Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option. | 8.8 |