Vulnerabilities > Zohocorp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-23 | CVE-2017-11559 | SQL Injection vulnerability in Zohocorp Manageengine Opmanager 12.2 An issue was discovered in ZOHO ManageEngine OpManager 12.2. | 7.5 |
| 2019-05-23 | CVE-2017-11557 | Information Exposure vulnerability in Zohocorp Manageengine Applications Manager 12.3 An issue was discovered in ZOHO ManageEngine Applications Manager 12.3. | 5.3 |
| 2019-05-23 | CVE-2017-11740 | Improper Input Validation vulnerability in Zohocorp Manageengine Applications Manager 13.1 In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. | 8.8 |
| 2019-05-23 | CVE-2017-11739 | Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager 13.1 In Zoho ManageEngine Application Manager 13.1 Build 13100, an authenticated user, with administrative privileges, has the ability to add a widget on any dashboard. | 6.1 |
| 2019-05-23 | CVE-2017-11738 | SQL Injection vulnerability in Zohocorp Manageengine Applications Manager 13.1 In Zoho ManageEngine Application Manager prior to 14.6 Build 14660, the 'haid' parameter of the '/auditLogAction.do' module is vulnerable to a Time-based Blind SQL Injection attack. | 8.1 |
| 2019-05-23 | CVE-2017-11561 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Opmanager 12.2 An issue was discovered in ZOHO ManageEngine OpManager 12.2. | 6.5 |
| 2019-05-21 | CVE-2019-12252 | Authorization Bypass Through User-Controlled Key vulnerability in Zohocorp Manageengine Servicedesk Plus In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the lowest privileges (guest) can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail¬ifyTo=SOLFORWARD&id= substring. | 6.5 |
| 2019-05-21 | CVE-2019-12189 | Cross-site Scripting vulnerability in Zohocorp Manageengine Servicedesk Plus 9.3 An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. | 6.1 |
| 2019-05-17 | CVE-2019-8929 | Cross-site Scripting vulnerability in Zohocorp Manageengine Netflow Analyzer 7.0.0.2 An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. | 6.1 |
| 2019-05-17 | CVE-2019-8928 | Cross-site Scripting vulnerability in Zohocorp Manageengine Netflow Analyzer 7.0.0.2 An issue was discovered in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. | 6.1 |