Vulnerabilities > Zohocorp

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-17	CVE-2021-36771	Cross-site Scripting vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7110 allows reflected XSS. network low complexity zohocorp CWE-79	6.1
2021-07-17	CVE-2021-36772	Cross-site Scripting vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7110 allows stored XSS. network low complexity zohocorp CWE-79	6.1
2021-07-02	CVE-2021-31874	Unspecified vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus before 6104, in rare situations, allows attackers to obtain sensitive information about the password-sync database application. network high complexity zohocorp	5.9
2021-07-01	CVE-2021-31813	Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager Zoho ManageEngine Applications Manager before 15130 is vulnerable to Stored XSS while importing malicious user details (e.g., a crafted user name) from AD. network low complexity zohocorp CWE-79	5.4
2021-06-29	CVE-2021-31160	Unspecified vulnerability in Zohocorp products Zoho ManageEngine ServiceDesk Plus MSP before 10521 allows an attacker to access internal data. network low complexity zohocorp	7.5
2021-06-29	CVE-2021-31530	Unspecified vulnerability in Zohocorp Manageengine Servicedesk Plus MSP 10.5 Zoho ManageEngine ServiceDesk Plus MSP before 10522 is vulnerable to Information Disclosure. network low complexity zohocorp	7.5
2021-06-29	CVE-2021-31531	Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Servicedesk Plus MSP 10.5 Zoho ManageEngine ServiceDesk Plus MSP before 10521 is vulnerable to Server-Side Request Forgery (SSRF). network low complexity zohocorp CWE-918 critical	9.8
2021-06-25	CVE-2021-28958	OS Command Injection vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus through 6101 is vulnerable to unauthenticated Remote Code Execution while changing the password. network low complexity zohocorp CWE-78 critical	9.8
2021-06-16	CVE-2021-31159	Information Exposure Through an Error Message vulnerability in Zohocorp Manageengine Servicedesk Plus MSP 10.5 Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732. network low complexity zohocorp CWE-209	5.3
2021-06-16	CVE-2021-31857	Unspecified vulnerability in Zohocorp Manageengine Password Manager PRO In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve credentials via a browser extension for non-website resource types. network high complexity zohocorp	5.9

Vulnerabilities > Zohocorp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zohocorp"}]}

Vulnerabilities > Zohocorp