Vulnerabilities > Zohocorp > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-11 | CVE-2021-41080 | SQL Injection vulnerability in Zohocorp Manageengine Network Configuration Manager 12.4/12.5 Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search. | 9.8 |
| 2021-11-11 | CVE-2021-41081 | SQL Injection vulnerability in Zohocorp Manageengine Network Configuration Manager 12.4/12.5 Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search. | 9.8 |
| 2021-11-11 | CVE-2021-41833 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Patch Connect Plus 9.0.0 Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to unauthenticated remote code execution. | 9.8 |
| 2021-11-11 | CVE-2021-42002 | Unspecified vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution. | 9.8 |
| 2021-11-11 | CVE-2021-42847 | Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files. | 9.8 |
| 2021-11-03 | CVE-2020-24743 | Unspecified vulnerability in Zohocorp Manageengine Applications Manager An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter. | 9.8 |
| 2021-11-01 | CVE-2021-20136 | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Log360 5.0/5.1/5.3 ManageEngine Log360 Builds < 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. | 9.8 |
| 2021-10-13 | CVE-2021-40493 | SQL Injection vulnerability in Zohocorp Manageengine Opmanager Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. | 9.8 |
| 2021-10-13 | CVE-2021-41075 | SQL Injection vulnerability in Zohocorp Manageengine Opmanager The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API. | 9.8 |
| 2021-10-07 | CVE-2021-38298 | XXE vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE. | 9.8 |