Vulnerabilities > Zohocorp

DATE CVE VULNERABILITY TITLE RISK
2024-07-17 CVE-2024-27311 Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine DDI Central 4001
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder.
network
low complexity
zohocorp CWE-434
8.8
8.8
2024-07-17 CVE-2024-5471 Use of Hard-coded Credentials vulnerability in Zohocorp Manageengine DDI Central 4001
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover vulnerability due to the hard-coded sensitive keys.
network
low complexity
zohocorp CWE-798
critical
 9.8
9.8
2024-05-29 CVE-2024-27313 Cross-site Scripting vulnerability in Zohocorp Manageengine Pam360 6.6
Zoho ManageEngine PAM360 is vulnerable to Stored XSS vulnerability.
network
low complexity
zohocorp CWE-79
4.6
4.6
2024-05-27 CVE-2024-27310 Unspecified vulnerability in Zohocorp Manageengine Adselfservice Plus
Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input.
network
low complexity
zohocorp
6.5
6.5
2024-05-27 CVE-2024-36037 Incorrect Authorization vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.
local
low complexity
zohocorp CWE-863
5.5
5.5
2024-05-22 CVE-2024-21791 Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option.
network
low complexity
zohocorp
7.2
7.2
2024-05-20 CVE-2023-49331 Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.
network
low complexity
zohocorp
8.8
8.8
2024-05-20 CVE-2023-49332 Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
network
low complexity
zohocorp
8.8
8.8
2024-05-20 CVE-2023-49333 Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.
network
low complexity
zohocorp
8.8
8.8
2024-05-20 CVE-2023-49334 Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.
network
low complexity
zohocorp
8.8
8.8