Vulnerabilities > Zohocorp > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-04 | CVE-2014-7867 | SQL Injection vulnerability in Zohocorp products SQL injection vulnerability in the com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus servlet in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allows remote attackers or remote authenticated users to execute arbitrary SQL commands via the probeName parameter. | 7.5 |
2014-12-04 | CVE-2014-6035 | Path Traversal vulnerability in Zohocorp Manageengine Opmanager 11.4 Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine OpManager 11.4, 11.3, and earlier allows remote attackers to write and execute arbitrary files via a .. | 7.5 |
2014-10-26 | CVE-2014-6037 | Path Traversal vulnerability in Zohocorp Manageengine Eventlog Analyzer 8.2/9.0 Directory traversal vulnerability in the agentUpload servlet in ZOHO ManageEngine EventLog Analyzer 9.0 build 9002 and 8.2 build 8020 allows remote attackers to execute arbitrary code by uploading a ZIP file which contains an executable file with .. | 7.5 |
2014-10-21 | CVE-2014-5006 | Path Traversal vulnerability in Zohocorp Manageengine Desktop Central Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. | 7.5 |
2014-10-21 | CVE-2014-5005 | Path Traversal vulnerability in Zohocorp Manageengine Desktop Central Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. | 7.5 |