Vulnerabilities > Zohocorp > Manageengine Desktop Central > 10.0.124

DATE CVE VULNERABILITY TITLE RISK
2018-04-18 CVE-2018-5339 Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient enforcement of database query type restrictions.
network
low complexity
zohocorp CWE-306
critical
 9.8
9.8
2018-04-18 CVE-2018-5338 Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism.
network
low complexity
zohocorp CWE-306
critical
 9.8
9.8
2018-04-18 CVE-2018-5337 Path Traversal vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: directory traversal in the SCRIPT_NAME field when modifying existing scripts.
network
low complexity
zohocorp CWE-22
critical
 9.8
9.8