Vulnerabilities > Zohocorp > Manageengine Opmanager > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-16 | CVE-2019-15106 | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Opmanager An issue was discovered in Zoho ManageEngine OpManager in builds before 14310. | 9.8 |
| 2018-12-21 | CVE-2018-20338 | SQL Injection vulnerability in Zohocorp Manageengine Opmanager 12.3 Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section. | 9.8 |
| 2018-12-17 | CVE-2018-20173 | SQL Injection vulnerability in Zohocorp Manageengine Opmanager 12.3 Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via the getGraphData API. | 9.8 |
| 2018-11-05 | CVE-2018-18949 | SQL Injection vulnerability in Zohocorp Manageengine Opmanager 11.4/11.5/12.3 Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings. | 9.8 |
| 2018-10-23 | CVE-2018-18475 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Opmanager 12.3 Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestricted Arbitrary File Upload. | 9.8 |
| 2018-09-20 | CVE-2018-17243 | SQL Injection vulnerability in Zohocorp Manageengine Opmanager Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection. | 9.8 |
| 2017-08-04 | CVE-2015-9107 | Cryptographic Issues vulnerability in Zohocorp Manageengine Opmanager Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the credential used to access the monitored devices. | 9.8 |