Vulnerabilities > Zohocorp

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-21	CVE-2018-20339	Cross-site Scripting vulnerability in Zohocorp Manageengine Opmanager 12.3 Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section. network low complexity zohocorp CWE-79	6.1
2018-12-21	CVE-2018-20338	SQL Injection vulnerability in Zohocorp Manageengine Opmanager 12.3 Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section. network low complexity zohocorp CWE-89 critical	9.8
2018-12-17	CVE-2018-20173	SQL Injection vulnerability in Zohocorp Manageengine Opmanager 12.3 Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via the getGraphData API. network low complexity zohocorp CWE-89 critical	9.8
2018-12-13	CVE-2018-19118	Out-of-bounds Write vulnerability in Zohocorp Manageengine Adaudit Plus 4.1.0/4.5.0/5.0.0 Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service (stack-based buffer overflow) via the 'Domain Name' field when adding a new domain. network low complexity zohocorp CWE-787	7.5
2018-12-06	CVE-2018-19921	Cross-site Scripting vulnerability in Zohocorp Manageengine Opmanager Zoho ManageEngine OpManager 12.3 before 123237 has XSS in the domain controller. network low complexity zohocorp CWE-79	6.1
2018-11-20	CVE-2018-18716	Cross-site Scripting vulnerability in Zohocorp Manageengine Opmanager 11.4/11.5/12.3 Zoho ManageEngine OpManager 12.3 before 123219 has a Self XSS Vulnerability. network low complexity zohocorp CWE-79	6.1
2018-11-20	CVE-2018-18715	Cross-site Scripting vulnerability in Zohocorp Manageengine Opmanager 12.3 Zoho ManageEngine OpManager 12.3 before 123219 has stored XSS. network low complexity zohocorp CWE-79	6.1
2018-11-15	CVE-2018-19288	Cross-site Scripting vulnerability in Zohocorp Manageengine Opmanager 11.4/11.5/12.3 Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API. network low complexity zohocorp CWE-79	6.1
2018-11-06	CVE-2018-18980	XXE vulnerability in Zohocorp Manageengine Network Configuration Manager An XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. network low complexity zohocorp CWE-611	7.5
2018-11-05	CVE-2018-18949	SQL Injection vulnerability in Zohocorp Manageengine Opmanager 11.4/11.5/12.3 Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings. network low complexity zohocorp CWE-89 critical	9.8

Vulnerabilities > Zohocorp {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Zohocorp"}]}

Vulnerabilities > Zohocorp