Vulnerabilities > Zohocorp > Manageengine Firewall Analyzer > 12.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-08 | CVE-2023-47211 | Path Traversal vulnerability in Zohocorp products A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. | 8.6 |
| 2023-11-15 | CVE-2023-6105 | Unspecified vulnerability in Zohocorp products An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. | 5.5 |
| 2022-07-18 | CVE-2022-35404 | Improper Input Validation vulnerability in Zohocorp products ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine. | 8.2 |
| 2019-05-02 | CVE-2019-11678 | SQL Injection vulnerability in Zohocorp Manageengine Firewall Analyzer The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is vulnerable to SQL Injection. | 9.8 |
| 2019-05-02 | CVE-2019-11677 | XXE vulnerability in Zohocorp Manageengine Firewall Analyzer The Custom Report import function in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to XML External Entity (XXE) Injection. | 9.8 |
| 2019-05-02 | CVE-2019-11676 | Cross-site Scripting vulnerability in Zohocorp Manageengine Firewall Analyzer The user defined DNS name in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to stored XSS attacks. | 6.1 |
| 2017-09-04 | CVE-2017-14123 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Firewall Analyzer 12.2 Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. | 8.8 |